Cant run Malware remover or virus protection and system restore!!!! INFECTED HELP!!!

[michaelmmqz]

I have a HP mini 110-1150NR with 2gig ram and 1.60mhz processor. The OS is Xp home edition 32bit. It started when I have always had the virus protection AVG and a few weeks ago a friend told me to try Norton 360 cause it has always been good for his computers. Well I download a trial version and erased my AVG and what a mistake that was!! After my trial was over instead of it still protecting my computer it just made my computer very vulnerable and when I went to download a new virus protection (which was AVAST) I had to restart my computer for changes to be made and when I did that I was infected with a hellasious virus and I am stressed out and frustrated cause I have been trying to get help for 3 days now and have not received any help!! I have spent over 30hrs on researching the problem and I am to afraid to do anything without the professional help of someone that knows what they are doing. I cant run any malware scans, virus scans, system restores, and some of my documents. When my computer starts up I get a .dll error and when I run my system restore it says "system restore will not protect you computer and to restart and try again". I have done that in safe mode and regular and nothing happens and I get the same error message. I cant install microsoft security essentials and anyother security softwares. When I pull up my task manager all of my processes have an .exe behind them and some things are on there I have never really noticed. There are schost.exe and a few of them running. I know some about computers and I have no clue about stuff like this. I have ran tdskiller and rkill and combofix and will attach the logs for someone to review and help me!! I really hope that this forum I can finally get someone to help me solve this problem and get my computer running the way it should. I also do not have a recovery disc for this computer, cause it never came with one. My computer only has usb ports and no disc drive. PLEASE CONTACT ME ASAP so I can quite stressing about this situation every day and every hour. Thank you for reading my post and I will be more then thankful for the help!!!http://b.tsgstatic.com/smilies/confused.gifhttp://b.tsgstatic.com/smilies/confused.gifhttp://b.tsgstatic.com/smilies/confused.gifhttp://b.tsgstatic.com/smilies/mad.gifhttp://b.tsgstatic.com/smilies/mad.gif[ATTACH]592.vB5-legacyid=1270[/ATTACH][ATTACH]593.vB5-legacyid=1271[/ATTACH]

ComboFix.txt

TDSSKiller.2.6.14.0_29.10.2011_00.09.32_log.txt

[KenB]

Hi Michael and welcome to ExTS

 

One of our security experts will get to you soon.

Please be a little patient as they are very busy people.

[etavares]

Hello, michaelmmqz.

My name is etavares and I will be helping you with this log.

 

 

Here are some guidelines to ensure we are able to get your machine back under your control.

 

 

• Please do not run any unsupervised scans, fixes, etc. We can work against each other and end up in a worse place.
  
• Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
  
• Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
  
• Please reply within 3 days to be fair to other people asking for help.
  
• When in doubt, please stop and ask first. There's no harm in asking questions!
  

 

 

 

 

 

 

Step 1

 

 

 

 

First, please provide as much specifics as possible.:

 

 

When my computer starts up I get a .dll error

 

 

What exactly does it say? What dll file?

 

 

when I did that I was infected with a hellasious virus

 

 

Do you know what virus? What were the symptoms? Did you antivirus detect it? That will change how we approach it.

 

 

 

 

Also, I see you have posted at Tech Support and the MBAM forums. If they reply, please let them know you are already getting help and can close the thread. The worst thing that can happen is that multiple helpers are giving you different instructions...it can create havoc.

 

 

I see that TDSSKiller quarantined a lot of files...they do appear to be legitimate. Do you have a Windows CD? THat will make our lives much easier.

 

 

 

 

 

 

 

 

 

 

Step 2

 

 

 

 

Let's see if we can get these two scans to work.

 

 

We need to create an OTL report,

• Please download OTL from this link.
  
• (If that link doesn't work, try this alternate link
  
• Save it to your desktop.
  
• Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/OTL/otlDesktopIcon.png icon on your desktop.
  
• Click the "Scan All Users" checkbox.
  
• Select "Use Safelist" under "Extra Registry"
  
• Under the Custom Scan box paste this in:
  
  netsvcs
  msconfig
  %SYSTEMDRIVE%\*.*
  %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.sys /90
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\system32\*.exe /lockedfiles
  %systemroot%\System32\config\*.sav
  %PROGRAMFILES%\*
  %USERPROFILE%\..|smtmp;true;true;true /FP
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  CREATERESTOREPOINT
   
   
   
   
  
• Click the Quick Scan button.
  
• The scan should take a few minutes.
  
• Please copy and paste both logs in your reply. If they are too big to paste in one reply, please split them into separate posts.
  

 

 

 

 

 

 

Step 3

 

 

Please download aswMBR ( 511KB ) to your desktop.

• Double click the aswMBR.exe icon to run it
  
• It gives you the option to add the latest Avast definitions and recommends you do so. Ignore it and click No as it may crash your system or hang up and we don't need that info.
  
• Click the Scan button to start the scan
  
• On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
  

 

 

Note: aswMBR will save MBR.dat to your desktop. Do NOT delete it until I tell you your computer is clean. It is a backup of your MBR that we may need later.

 

 

etavares