Antivirus XP 08, Rootkit, Trojan.gaslide. PC infested.

Discussion in 'Virus and Malware Removal' started by patrick713, Aug 12, 2008.

  1. xxdanielxx Newcomer, in training Posts: 1,214

    There is nothing much, just removing malware. The last thing he tried to run was ComboFix, but he could not run it, so he rebooted and the loops started to happen. First thought was he corrupted the reg, but he can't even get into the Recovery Console, so that points me to bad hardware.
  2. kimsland Ex-TechSpotter Posts: 18,353

    Yep

    I'd say HardDrive
    Best to backup (externally to another computer, mounted as a slave)
    Then install Windows clean
    Why?
    Because this will eliminate Hardware
  3. patrick713 Newcomer, in training Posts: 59

    How do I back up using another computer?
    Also, I have an external hard drive I use for my laptop; not sure if that helps any, but I figured I should say it...
  4. kimsland Ex-TechSpotter Posts: 18,353

    You need to physically remove your existing (possibly faulty) HardDrive
    Then go to a Desktop computer
    Unplug the Slave ( being the CD/DVD drive)
    Plug in your HardDrive

    Boot from the Desktop normally
    But in "My Computer" the Desktop will now have 2 Drives (C drive, and yours)
    You can then "back up" your drive
  5. patrick713 Newcomer, in training Posts: 59

    Do I have to worry about the hard drive giving the other computer any of the malware that infected the first one?
    Also, can I just reinstall Windows without backing it up? I realize I would lose everything stored on the HD, but I might be able to convince my father (it's his PC) to do it.... I don't think he had anything vital on it, he just wanted to avoid the hassle...
  6. xxdanielxx Newcomer, in training Posts: 1,214

    Yes, you can just reinstall Windows; at this point it would be the best and easiest way. Use your system recovery disc.
  7. patrick713 Newcomer, in training Posts: 59

    Reinstalled Windows, and everything appears fine.
    However, I downloaded Spyware Doctor, and it found 4 infections of Trojan.Virtumonde. ??????? How is that possible? Shouldn't reinstalling have wiped everything clean?
  8. patrick713 Newcomer, in training Posts: 59

    Also, what should I have on the PC to prevent this from happening again? He originally had AVG, and I now have Spyware Doctor; should I have something else?
  9. patrick713 Newcomer, in training Posts: 59

    Should I download HJT and post a log? I have disconnected it from the internet since I ran the Spyware Doctor scan and found the Virtumonde. Is it possible that something was left behind when I reinstalled XP? I immediately downloaded all the Windows/Java updates I was told to, and the only sites I have gone to are the eMachines page, because it was the default homepage, and pctools.com to download Spyware Doctor....
  10. kimsland Ex-TechSpotter Posts: 18,353

    You know how you "re-installed" Windows (from restore discs)

    Was this a clean install (new formatted install)
    Or just a repair install?

    I can only think that you must have Trojans in the restore discs, or spyware doctor itself is giving false positives, or is in fact corrupted, itself.
    Do you have extra drives installed, maybe?
  11. patrick713 Newcomer, in training Posts: 59

    I did the "destructive" install, using "eMachines Microsoft Windows XP Media Center Edition 2005 System Recovery CD/DVD".
    I had used the same disc on another identical PC before, about a year ago, with no problems...
    I have none of the same symptoms, just 4 infections showed up in the scan. I scanned again, and found nothing. The 4 are currently quarantined.

    What do you mean by extra drives installed?
  12. kimsland Ex-TechSpotter Posts: 18,353

    Any extra Partitions (Hidden?) in My Computer
    You can use a GParted live CD to see any hidden partitions
  13. patrick713 Newcomer, in training Posts: 59

    Not exactly sure what this means, but this is what GParted is showing me:

    partition   filesystem   size        used       unused        flags
    /dev/dha2   fat32        4.21 GiB    3.21 GiB   1016.36 MiB
    /dev/dha1   ntfs         182.1 GiB   7.28 GiB   174.82 GiB    boot
  14. kimsland Ex-TechSpotter Posts: 18,353

    Ah Huh!
    We found a hidden partition! About 4 Gig in size

    What's this other Partition? It's probably the small recovery partition for Windows (Xp or Vista?)

    How do you access this partition?
    Well usually there is a prompt (like F10) or something, when you turn on the computer. Selecting this prompt will allow you to restore your entire computer back to when it was delivered.
    But...
    If you format, or install Windows clean using a Windows CD, the prompt will also be removed (very annoying I know) mind you, it also contains Trojans!

    Now what to do with this new found partition (I don't like removing them basically)
    You could contact the computer manufacturer's support page, and actually get this prompt back (usually a small boot config program to load up)
    But...
    The Trojans!!!
    And scanning it, may remove important system files from being restored one day
    ???
    Thinking again :confused:

    What are your thoughts on this?
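    An added example, not posted in the thread: a small Python helper that parses a GParted-style listing like the one in post 13 (the sample input is constructed from that post, with the device names kept as retyped there) and runs the checks kimsland is reasoning through in post 14: which partition carries no boot flag and is therefore the likely hidden vendor recovery partition that Windows never shows as a drive letter, whether each row's used plus unused space adds up to its size, and how much of the disk the listed partitions account for (a gap against the advertised capacity would hint at a partition the tool did not list). The column names and the `hidden_candidates` heuristic are assumptions of this example, not GParted's own output format or API.

```python
import re

# Constructed sample input: the GParted listing as retyped in post 13 of the thread
# (device names kept exactly as posted, spacing deliberately inconsistent).
GPARTED_LISTING = """\
partition filesystem size used unused flags
/dev/dha2 fat32 4.21GiB 3.21GiB 1016.36MiB
/dev/dha1 ntfs 182.1 GiB 7.28GiB 174.82GiB boot
"""

UNITS = {"KiB": 1024, "MiB": 1024 ** 2, "GiB": 1024 ** 3, "TiB": 1024 ** 4}
SIZE_RE = re.compile(r"(\d+(?:\.\d+)?)\s*([KMGT]iB)")


def parse_size(text):
    """Convert a GParted size string such as '182.1 GiB' or '1016.36MiB' to bytes."""
    m = SIZE_RE.fullmatch(text.strip())
    if m is None:
        raise ValueError(f"unrecognised size: {text!r}")
    return round(float(m.group(1)) * UNITS[m.group(2)])


def parse_gparted(listing):
    """Parse the header-plus-rows listing into dicts with sizes in bytes and a flag list."""
    rows = []
    for line in listing.splitlines()[1:]:  # skip the header row
        line = line.strip()
        if not line:
            continue
        device, filesystem, rest = line.split(None, 2)
        sizes = list(SIZE_RE.finditer(rest))
        if len(sizes) < 3:
            raise ValueError(f"expected size, used and unused columns in: {line!r}")
        size, used, unused = (round(float(m.group(1)) * UNITS[m.group(2)]) for m in sizes[:3])
        flags = rest[sizes[2].end():].split()  # whatever follows the third size column
        rows.append({"device": device, "filesystem": filesystem, "size": size,
                     "used": used, "unused": unused, "flags": flags})
    return rows


def is_consistent(row, tolerance=0.01):
    """used + unused should equal size, give or take GParted's display rounding."""
    return abs(row["size"] - (row["used"] + row["unused"])) <= row["size"] * tolerance


def hidden_candidates(rows):
    """Heuristic (an assumption of this example): partitions without the boot flag are
    the ones Windows may not expose as a drive letter; on an OEM machine that is
    typically the vendor recovery partition."""
    return [r for r in rows if "boot" not in r["flags"]]


def total_gib(rows):
    """Sum of all listed partition sizes, to compare against the disk's advertised capacity."""
    return sum(r["size"] for r in rows) / UNITS["GiB"]


if __name__ == "__main__":
    parts = parse_gparted(GPARTED_LISTING)
    for r in parts:
        print(f"{r['device']:<10} {r['filesystem']:<6} {r['size'] / UNITS['GiB']:8.2f} GiB "
              f"flags={r['flags']} consistent={is_consistent(r)}")
    print("not visible as a Windows drive letter:",
          [r["device"] for r in hidden_candidates(parts)])
    print(f"listed partitions account for {total_gib(parts):.2f} GiB in total")
```

    On the thread's listing the helper reports /dev/dha2 (FAT32, about 4.2 GiB, no boot flag) as the hidden candidate, both rows as internally consistent, and about 186.31 GiB accounted for; the FAT32 partition of that size with 3.21 GiB used is exactly what an OEM recovery image looks like, which matches kimsland's reading in post 14.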
  15. patrick713 Newcomer, in training Posts: 59

    So you're saying I can't just delete it? And if I access it, it releases the Trojans?
    Great...
    So was this partition already there, and the Trojans infiltrated it? Or did they actually create it?
  16. SNGX1275 TS Special Forces Posts: 11,918   +119

    They didn't create it, it was already there.
  17. rezzzy Newcomer, in training

  18. patrick713 Newcomer, in training Posts: 59

    MBAM found absolutely nothing.
  19. kimsland Ex-TechSpotter Posts: 18,353

    Well if you want to remove the Hidden Partition, that will be OK (using GParted)
    Basically, I thought, well if you have the discs anyway
    I can't see how or if any Trojans got in there, but I also can't work out where they have come from, after a format
    Removing the Hidden partition will not hurt your Main Drive or data or Windows or anything, but Backup first, just in case you remove the wrong one, or Windows stops booting (it is possible)
  20. patrick713 Newcomer, in training Posts: 59

    I deleted the partition, and everything seems fine.
    Is there any way I can be sure that the PC is safe to use, or have I pretty much done that?
    and thanks for helping me with this:D