Win2000 infected TOUGH BUG, please help

Hello,

I clicked a ((wrong)) forum link yesterday and immediately obvious virus infection occurred.

I'm running win2000 sp4. Norton Corp that apparently stopped updating. Forgive I don't use this machine much and was just preparing to install Avast on it...argh.

It's not letting me get far at all, denying access and ability to install SOS.exe. or other AV tools/progs, or update Adaware etc.
Denies access to Norton protect/recycle and system volume folders in safe mode. I have now uninstalled Norton btw, and this sys in not connected
I did manage to install/run CCleaner. I have current/updated Avast on another (clean) machine and ran a full drive scan on it via USB drive chassis.

Apologies for posting Avast findings below, I'm just not getting far on normal READ & RUN list. Possible you may be able to spot offending item I can get at to open the path to proceed. I notice in safe mode a process running dvldr32.exe that ought not be there I am sure.

Please if you have any recommendations, with many thanks!

Fishead

Avast Log attached

 

Hello again,

I did manage to push through on the READ & RUN ME FIRST list.
Below are my (appropriate) logs.
Many thanks in advance for your feedback!

Fishead

 

TimW,

Thanks for looking at logs and your help!
Attached a new MGTools log.

I tried to follow the instructions of your reply, but...
A. I could find none of the listed files to delete within WINNT\System32\ ..not one of them. Note: I ran the Avast scan from a separate system using a USB drive chassis, hence the E: drive letter.
B. I cannot find System Restore to toggle it...it seems to be missing/removed.

When I ran MGTools I had an error screen interrupt with the following message and would not continue until I clicked "ok":
The dynamic link library mscore.dll could not be found in specified path C;\MGTools;,C:\WINNT\System32,C:\WINNT\System32,C:\WINNT\System32,C:\WINNT\System32,C:\WINNT\System32\wbem:C:\PROGRA~1\COMMON~1|AUTODE~1.

As mentioned before, I see process dvldrv32.exe running and if I attempt to end process I get "access denied" message.

Also if I attempt to update AdAware definitions, it fails and displays:
Cannot connect to update server. Server Busy

Oh, almost forgot System Volume Information is also "Access Denied"

Hopeful you can ID culprit by some of these clues and details found in logs.

Many thanks for your help!
Fishead