Help please with Malware removal

WinXP Pro SP3 build 2600, Intel Celeron 2.53HGz, 2 gig RAM, Biostar U8668D mb, Phoenix-Award Bios v 6.00pg

This computer was removed from service simply to replace with a newer computer. It was used to run a billing application.
I was doing normal testing and maintenance on the computer when I noticed Malwarebytes would not run. That was the only symptom that got my attention.

Current status:
I can run Spyware S&D with no results.

I cannot run HijackThis. It does not even begin to open.

I uninstalled Malware bytes then downloaded a new install program, renamed the install to Bam.exe. It installed OK but upon initial launch it closes immediately. When Malwarebytes is run from icon, it opens to desktop and closes quickly.

I could not install Windows Defender. On the first attempt to install I got the message’Windows Installer is not running.’ I started Windows Installer manually and Defender installed. I cannot get Defender updates but get ‘error code 0x80240022.’
I can scan with Defender but no problems are reported.

I ran SmitFraudFix and got a scan report that these were detected and to use a Rootkit scanner: xpdx xpdt huy32 pe386 lzx32 msguard
I located xpdx huy32 in HK_CU/Microsoft/Search Assistant/ACMru/5603 and deleted both .

I finally decided to use the MajorGeeks detailed instructions beginning with ‘Getting Started’ and followed each step of downloading programs then running per the instructions under ‘Windows XP Cleaning Procedure’.

The results are these files: MGLogs.zip rootrepeal.txt and ComboFix.txt
SUPERAntiSpyware did not detect anything and did not create a log file.
I cannot run MalwaBytes to create a log file.

I appreciate your help in interpreting the logs to track the varmint.

 

Thanks TimW for such a quick reply.

I have logged in as Coahoma Electric - I successfully got MalwareBytes updates and am running a scan now. I will run SAS as well. I know I tried both users yesterday with the same results because I was following the directions. But I did not try to run Malwarebytes today as Coahoma after completing all of the steps. I just sent the log files. I will do more thorough testing now as both users and post the results - hopefully tomorrow morning.

We have a Sonicwall firewall with client AV services. Do you recommend having an AV installed on each computer as well as having the firewall AV client services?

I very much appreciate the assistance.

 

I ran Malwarebytes and SAS successfully as both users, Michael & Coahoma with no threats found.

I then ran MGTools as each user and have attached both log files.
MGLogs.zip as Coahoma and MGLogs Michael.zip

It appears some malware lurker was removed during the initial process of running through the complete process.
It was a really good learning experience.
Now, I will be alert to testing each user on a computer.

Re: Server AV, I am checking with Sonicwall to make verify the client side of the server AV is configured.

Many thanks for your time.

 

TimW

No issues to pursue. Just a good ole standard WinXP box which can be safely put back in service.

Thank you for the detailed instructions to complete the process. I will do so immediately.

It has been a pleasure working with you.

We can close this thread. ( if there is something I need to do to close the thread let me know.)

Michael