Unable to run malware removal procedures

I am trying to heal a laptop running XP (SP3) with 2GB RAM. Before booting, I get an error message that CMOS settings are wrong/CMOS date/time not set. I'm instructed to press F1 to run setup, but it does not respond. F2 loads default values and continues the bootup. Though the machine will boot to Windows, I can not get anything to run, not even the start button.

I am able to boot in safe mode, and began the "read & run me first" procedures. In safe mode the computer is so slow that it is almost disabled, but I was able to open and launch CCleaner. However, it has been running for some 4 hours now, and is still showing that it is 0% complete, though it has moved through a number of IE temp internet files.

I have downloaded SuperAntiSpyware onto a flash drive using a functioning computer, but the sick laptop does not recognize the USB drive. It recognizes the flash drive as "new hardware," but not as drive with files.

Any advice would be appreciated.

 

Thanks. The very first thing I did, before posting here, was to change the CMOS battery, but it didn't make a difference.

Here's a summary of my status, all done in safe mode. I've given full details in hopes that there is something that will help you figure out what I should do:

1. Downloaded all of the tools to CD and transferred to the sick laptop.
2. Could not install SAS. It will not install under safe mode, as I experienced and as confirmed at
http://www.superantispyware.com/supportfaqdisplay.html?faq=50. The computer will not run in normal mode.
3. Mistakenly installed MB without renaming. Have tried to delete the program using Control Panel, but without success. It did install and created a shortcut on the desktop.
3. Tried to reinstall MB renaming from MBAM to MB. Could not install MB. Error message said "unable to create a temporary file. Setup aborted. Error 23: Data error (cyclic redundancy check)."
4. Tried to run MBAM. Failed. Error message" Malwarebytes' Anti-Malware has encountered a problem and needs to close. We are sorry..." The details indicate an "Error signature. EventType: InPageError P1: c000009c P2: 0000003"
5. Followed instructions to install ComboFix. Double clicked on icon, but the process did not follow the one in the tutorial. It opened a very small window with a progress bar, which finished. Then the "open with" window opened, asking me what program I want to use to open a file named "nircmd.cfxxe" Unsure what to do, I chose combofix.exe as the program to use.

5.b It again opened the very window mentioned above, and the sequence repeated. This time, however, I did get the "disclaimer of warranty" screen, clicked "yes," but then the program closed.

5.c Ever persistent, I tried a third time, double-clicking on the ComboFix.exe icon. During the third installation, two blue screens appeared, one with a message "The process cannot access the file because it is being used by another process" and the second with the message "A subdirectory or file C:\Qoobox\LastRun already exists." When the third small ComboFix window/progress bar closed, a "date error" message appeared saying "Date Error: 2002-01-01. check your settings." At this point I abandoned ComboFix.

6. Ran RootRepeal.exe. It opened, and after it initialized, it showed "C:\32788R22FWJFW\" but then froze and did not finish. I repeated it but with the same abortive result.

7. Ran MGtools. Got Registry editor error: Cannot export c:\MGtools\tmpUnKey.txt: Error opening the file. There may be a disk or file system error " and another "Cannot experot C:\MGTools\temp\xlmsysccsa.txt"
Logs were saved as expected as MGlogs.zip but despite repeated efforts I've not been able to copy them to a CD or USB so I can send them from a working computer. I will continue to try and will attach if I am successful. An online search suggests that what I've found in step 6 above may be virut. I'll await your advice.

 

I'm stymied. I've succeeded in running several of the processes (details follow), but cannot get the logs from the sick computer onto something so I can move them to my healthy computer to attach them here. I can put the files onto a CD, but cannot succeed in writing them to the CD. The computer does not recognize a flash drive (it sees it as new hardware, starts the new hardware wizard, but there is no software driver for the hardware...)

Here, for what it's worth are the details of what worked and what didn't.

1. AVPFind.bat ran and saved its log to the desktop. I don't believe it finished, however, as the avplog.txt files doesn't contain any info beyond the OS and a message "Finding copies of eventlog.dll... Please be patient."
2. Rkill.exe ran successfully.
3. exeHelper ran successfully.
4. MB failed.
5. SAS failed.
6. MGtools ran and saved its log in the C: drive, but again I can't attach it.

Your advice appreciated.

 

Tim,

I can boot to safe mode with networking, but cannot get get a browser to open (tried both Firefox and IE) and so cannot get to my email. Is there any thing else I can try?

 

I have not yet run the Dr Web Cureit, but have retrieved the MG log, AVPFinder log, and Exehelper log. They are attached.

 

Thanks for all your help, but Dr. Web wouldn't run either. I decided to proceed with a reformat and clean install of Windows. The extremely slow response continues. After nearly 12 hours overnight, the reformat is only 12% done. (It does not appear to have stalled--it has made some progress since I checked it first thing this morning.) Can this be due to malware?

 

Thanks for all your help. The hard drive failed, and I've now replaced it.