virus removal, help

hi guys, as requested ive posted a new malware problem
mcafee kept finding an ilomo trojan and would not allow it to be cleaned, deleted or quarantined
ive gone thru the steps in the 'read this first' post and have all of the logs apart from panda active scan, it didnt find anything so it wouldnt give me a log so i copies and pasted the text from the page
hang on second post coming up

 

here are the other attached files
i am presuming counterspy found the problem and quarantined it but i dont know
if anyone could help it would be much appreciated
thanx
carl

 

yesterday b4 mcafee updated i was havibg a major drain on processor, task manager showed regscan to be the culprit but since mcafee updated it was at first finding a buffer overrun by c\prog files\internet explorer\iexplore.exe
it said it was blocked but i closed the popup screen and it came str8 back
ive just had something else draining it but i cant remember the name if i find it ill let u know, but my faN keeps coming on and it runs at 100% for a bit

 

hi mate, thanx for the reply, just a few things first
i have just opened hjt and the first 2 entries were there, the 04 hkcu entry is not in the list
ive saved a report anyway which i have posted here, im going to delete the first 2 ones you suggested
and ill wait for a reply to do anything further with the registry ammendment incase it causes a problem coz its related to the missing one u asked me to delete/fix
sdat is a dos scanner mcafee advised me to download a few nights ago, its safe but if possible, id like to remove any trace of it, its a useless piece of c**p lol
carl

 

right ive ran hjt and search assistant and the other one are still present, see attached hjt.txt
while ive been away my mcafee had done a virus scan and found 7 cookies and 3 recent events where system guards have allowed a one time chance to my pc
2 of these were the iexplore.exe which i mentiones was hogging my system and one was msiexec.exe
after a restart im having the same problems
the system is overloaded, fan is killing itself slowly and there is a problem with the wireless icon in near the clock, says its not online but it really is
this usually happens as an early warning sign that the iexplore.exe is going to eat my memory,
strange i know but thats what happens
new logs attached
i will await your reply
cheers
carl

 

new logs attached
i will await your reply
cheers
carl

 

i only have mcafee running so ive turned it off before running the above scans, search assistant keeps reappearing as soon as its been fixed in hjt
im confused
carl

 

hi mate, right ive done that, i think its cured the search assistant thing
attached is the new hjt log and a shownew
im gonna restart and check how its running, ill reply back in about 10 mins and let u know
thanx
carl

 

right the last couple of days ive not been using the pc, only to look on here and doing whats been mentioned on here
when this first started going funny i noticed there was a problem with startup items by the clock, sometimes they loaded fine, sometimes they didnt
most of the time i would only get a windows wireless icon, a mcafee icon and a safely remove hardware icon
at the time i was assuming because i was having the buffer overrun problem and the virus it was draining the system on startup and they didnt get chance to load
now ive got them all loading up, even my netgear which surprised me, but for some reason i have a problem with the windows wireless connection icon
its stuck on 'acquiring network address'
the internet is working fine, im able to get on here to type this
the netgear is showing green which is good but usually the windows wireless icon comes on after the netgear has connected to show me that the internet is working
this is puzzling me now
is this part of the same problem or should i keep this to the back of my mind until weve sorted the other thing out
thanx
carl

 

here we go again
this is the problem which made me aware of the virus in the first place
after i wrote the last post, i restarted and i got all of the startup items by the clock apart from the windows wireless icon
i clicked internet explorer on the quick launch and it didnt open
i tried to print screen and open paint,
neither worked
i right clicked the task bar to open task manager to see if it was being drained again and that didnt work either
i pressed ctrl alt del to open task manager which did work
i tried to shut down some programs but nothing would shut down from task manager
i tried to restart from t manager and that didnt work either
nothing on the pc would respond, apart from tabs inside task manager
i could view the tabs but nothing else worked
i had to shut the pc down by the power button and as expected, the comp shut down then i started it up again and it did a disk check, found one error and supposedly fixed it
this was the error
'the size of the \windows\temp\mcafee_7vIruIn6cjnMhac entry is'
thats all i got in the pic, i had to take it on my cam
i presume it would have carried on to say
entry is not valid, the item will be truncated or whatever it usually says
i think this was an error being caused by improper shutdown,
or was it an error which had caused the pc to stop responding in the first place
either way, ive now restarted and im back to square 1
my pc still doesnt work properley
nnnnnnnnnnooooooooooooooooooooooooooooooooooooooooooo
its restarted and the icons are missing again
this is all i have there now pic below
which tells me something is running in front of them or causing them to be delayed in showing, or even stopped
heeeeeeeeeellllllpppppppppppppppppp

 

i dont have an xp disk, it came preinstalled from acer
what should i do
carl

 

no not even a restore cd
when i got the computer and set it up it asked me if i want to save a section of the hard drive for restoring,
i think it runs with an nti dvd maker add on
i think i can go thru it that way but it means losing a years worth of stuff if i can
i was hoping this was just a problem i could sort without a full restore
i hate full restores
ill lose loads and loads of programs
:cry:cry:cry:cry:cry

 

i think part of the virus removal procedure involved disabling system restore?
so all my restore points will be gone
i really dont know how long the virus has been there, i had a post a few months ago about svchost.exe running at 100% in task manager
i had problems then and since that date its never worked right
its been demoted to backup comp since then, its only a year old and its a shame that i dont get any use from it because its a much better spec then the laptop im using here
for the record, all my documents are stored in the d: drive which is a partition
i think a restore does not touch that part, that would quite possibly kill me if i lost that
:cry:cry:cry:cry:cry
its only programs i have stored on c:
if i use another xp cd i will lose all the bundled software that came with it
i use most of it too
if i can avoid restoring then i would be a really happy guy

carl

 

i need to get a hold of a xp home disk then, ive got pro, but not home
will the repair from pro work on it?
im just putting the disk in and clicking repair right?
carl

 

ive read that, very informative, ive seen that option before when reformatting lol
im running xp home on the pc thats rubber ducked
when you said yes above
did you mean that yes i will need a xp home disk
or did you mean yes i can use the repair from a pro disk
thanx
carl

 

ok cool ill try to sort one out, do u know anyone who sells them? cheap?
i dont need the key its still on the case
im gonna contact acer, see if they will send me one out
carl

 

The cheapest you'll most likely find a WinXP disc is around $80-$100 because your paying mainly for the liscense.

Microsoft Windows XP Home With SP2B 1 Pack - OEM