ComboFix Wont run, Browser Hijacks, Slow Computer

Due to a very slow computer I recently did a reinstall of XP from my Acer Laptop Restore Disks. I did the same thing about a year ago and everything went well and computer speed was great. That restore was full of browser hijacks and the inability to update XP. I did another restore but with the same bad results. I have an Acer Travel Mate 290 laptop with a Pentium M 1,30ghz processor and 512 mb of ram, running Windows XP SP3 and IE7. (the system disks are SP2 and I had previously downloaded SP3 to use with this reinstall.
I am continually getting an error "Generic Host Process for Win32 Services had a problem and must close" The computer runs slowly and it seems that 100% of the cpu is being used with no special programs running. Ctrl, Alt, Del shows that Svchost for the system is using most of the memory and the cpu.
Since the reload of XP I have been unable to access the Windows Update site for updates and a little badge in my tray tells me that it is trying to download updates but nothing is ever downloaded. I am continually getting browser hijacks ending up on search sites I have never heard of or on porn sites I don't wish to visit. Pop-ups are also common from "freegivawayoffers.com" informing me of the $1000 I have won at
WalMart.
I have tried to follow your written instructions on your site but, SuoerAnti Spyware reports no problems, Malwarebytes finds nothing, and ComboFix informs me that my MBR is infected, runs for a while, performs no tests, produces no results and eventually freezes with no disk activity going on. I have waited up to 1.5 hrs for it to move along but nothing. I have had a similar freezing reaction from MGTools - program freezes but I did get a log from MGTools..
I do have logs from SAS, Malbytes, MGTools and 1 other to attach.

 

Neither Combofix nor MGTools will run to completion and both stop and freeze my system causing me to power off by holding down the power button. My computer does not like that method.
I have tried renaming them and get the same result, and same result in the safe mode.
Combofix starts, backs up the registry, warns me that my MBR is infected and after 30 or 40 minutes of inactivity it freezes my system. Virtually the same with MGTools - starts, gives a few messages and after a long period of time it locks up my computer.
TDSSKiller, on the other hand, found a virus - Rootkit.Win32.TDSS.TdL4 and after a restart said it had been removed! Hurray!
MGTools does produce a log but it might not be useful.
Attached are the TDSSKiller log and the MGTools zipped logs.
Where to go next?

 

I had some luck and some not-so-luck.
This morning, after TDSSKiller finally found something, my system was much more well behaved - no browser hijacking, no lengthy disk accesses using up CPU and memory.
I performed your requests and all but the final command in the DOS window worked - the final command, "GetRunKey" didn't do so well. "Running scan with getrunkeys.bat....by Chaslang. Ignore any error messages about not finding registry keys - Just wait for the program to finish" the cursor went down a line and continued to blink but went no where after 20 minutes. I couldn't get it to move along and found when I touched the screen with my mouse pointer the system froze-up and the only way to do anything else was to manually shut it off (I hate doing that).
But, the other programs, for the most part, ran well and the logs are attached. (the black screen with information, after running MBRCheck, would not take a right click/select all option but I found a file on my desktop never the less.
Thanks, so far...

 

Hopefully you wanted the MGlogs prepared about 2 days ago. It is attached. If you want one from today let me know.

 

Sorry for probably responding too soon but I figured you wanted an MGTools log run after TDSSKiller found a rootkit virus yesterday so I ran one and, like every time I run that program it crashes my system after stalling for 25 to 30 minutes causung me to use the power button to reboot. However, it does seem to produce a .zip log, attached from about an hour ago.

 

Thank you for your help. This infection was fascinating to me. Conventional scanners did not see it. I use Malwarebytes about once a week. I scan with my anti-virus program (Microsoft Security Essentials) atleast once per week and it is always active. Occassionally I scan with Spybot. Windows and the virus program are always updated. Windows and my D-Link router supply a firewall.

Where does the Master Boot Record reside and what is its function?
If I can't find it how can a piece of malware find it and embed itselt in it? This computer travels with me and my teenager has no access to it. Very little had been downloaded to it. A little bit of Email, Facebook, a little internet surfing.

I did a total Windows XP restore with my Acer restore disks and, from what I thought, formatted the drive and reloaded Windows with a fresh install. Is it possible that my SP3 update (downloaded from the internet) disk was infected? Does a reinstall even touch the MBR?

I turned off my wireless so that nothing could infect the system while I reinstalled Windows. I did the SP3 upgrade and installed the anti-virus with the wireless turned off. When I turned the wireless back on and used IE7 I was immediately hijacked.

Fascinating.
Thanks.