Virus and malware? Having trouble removing anything

[breez]

Hello - I allowed my 13 year old sister to use my computer, and now it is completely infected with a tonne of things. When I start in normal mode, 90% of the time my computer BSOD's, and the other 10% I get into windows for about 3 minutes before crashing.

I am thankfully able to boot in Safe Mode.

I have read many threads so far, but I am completely stuck. I've tried doing the 8-step malware program, but I get stuck because some programs won't open!

I've downloaded AVG anti-virus and managed to run it, and it actually ran and found a few viruses. I have downloaded and ran CCleaner, which worked fine. However, I cannot get Avira Anti-Virus, MalwareBytes, SuperAntiSpyware, ComboFix, or SDFix to run at all. I get a little hourglass and then nothing. Also, my System restore is completely turned off (and my computer crashees if I try to turn it back on).

I am really stuck as to what I should do, I have run HijackThis and I have a log th at I will attach, hopefully someone can help me.

Thanks.

 

[touch]

Hello breez

Remove BitComet from add/remove programs, in controlpanel.

Download the Norton Removal Tool (SymNRT) to your Desktop.
Norton Removal Tool
Once downloaded please close ALL open browsers, also save any work because this may require a restart.

Go to your desktop and double click on the removal tool and then click Setup.
Once open Click Next
Accept the license agreement and click Next
Type in the letters/numbers that you see into the text box then click Next.
Then click Next and the tool will start running.
Once finished restart the PC and run the tool again to ensure everything has been removed.

Delete Nortonremoval tool from your Desktop.

Please download OTCleanIt.exe
Save it to desktop.
Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.

Then attach new hijackthis log, and tell if there are any improvements ?

 

[breez]

Hello - I removed BitComet from my computer. I downloaded and ran the Norton removal tool - and I have also ran the "CleanIt" program.

I will attach the new log.

Thanks so much for your help - this is my work computer, and my boss might just kill me!

 

[touch]

Ok.

Please download combofix here ->
ComboFix
Before Saving it to Desktop, please rename it to 123.com to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

 

[breez]

Ok, i'm actually booted up without safemode! Woo! I think my computer did a Chkdisc or something similar in the midst of booting up after ComboFix ran the first time, and it gave me a log upon boot up which I will attach along with the ComboFix log.

Thanks so much so far

 

[touch]

That´s good news

Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop

Killall::
Snapshot::
File::
c:\windows\system32\net.net
c:\windows\system32\VundoFixSVC.exe
c:\windows\TEMP\TMP0000004A7D72CBD8385F7970 524288
Driver::
VundoFixSvc
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"net"=-

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall