Indeed, I would like to see the log from Blacklight, but that may not be necessary - I think I have enough information to try to work up a fix for you. The main reason I wanted you to run those last two scans was to verify the presence of the rootkit driver on your system and the ISeeYou log shows it:

CHECKING RECENTLY ADDED DRIVERS:
--------------------------------------------------------------------------

C:\WINDOWS\system32\drivers
12/12/2006 05:28 PM 29,184 wsfit32.sys

Also, if you are interested, this blog details the removal procedure we will attempt (at least I think it does - I don't read Chinese )
http://blog.yesky.com/41/storm_L/1595041.shtml
I do see that they used a tool similar to Blacklight called IceSword - You may want to try that scan and post the results, but I'm just going to go with a "blanket fix" that targets all known components of this baddie, so further scans aren't really necessary.

I will put together something similar for you - Hopefully by tonight (EST).

Quote Originally Posted by greenfish View Post
Again, I really appreciate of your help. If the information I provided is still not enought for you to figure out where the problem is, that's fine. Maybe I should reinstall the whole system in my computer.
Normally, a clean install is what I would recommend in cases where rootkits are involved! Because of their nature, it is often impossible to verify whether all components have been removed.
But, no harm in trying to clean it first!

I'll post a fix as soon as I get home this evening.

Cheers
PP