Hello all. I am a newbie who needs help. My have an ACER 4420-5963 running XP sp3. Yesterday my wife opened IE (default page is www.titantv.com) and was hit with a virus. AVAST said it was N.EXN and Win32-Rootkit-gen. After spending all day yesterday on your sight I was successful in removing (I thought) everything. Last night I had no problems surfing the net. This morning I opened IE (default page is www.titantv.com). When I went to change the schedule time on the titantv sight the AVAST alarm went off with N.EXN again. I immediately took precautions following the 8 steps again. I have the laptop running again. However before opening IE again I'd like someone to look at the logs and tell me if there are pieces of N.EXN left on the system. I did some research this morning and found the N.EXN can use IE vulnerabilities to launch. Or is there something going on between titantv.com and my PC that is getting compromised. Anyway I appreciate a sight like this being willing to help. Thanks There are two mbam logs. The first one (11-34-32) I ran in safe mode and the other in normal mode.