infested laptop - many system functions hijacked

Discussion in 'Malware Help (A Specialist Will Reply)' started by biren, Jun 7, 2012.

  1. biren

    biren Private E-2

    Dear friends,

    We have a laptop, which my son uses almost exclusively to play games. It is not used over the net, but he downloads/copies games from friends.

    It is running without an AV or firewall.

    So, a lot of viruses have crept in and taken over.

    A few symptoms that are noticed:

    1. Some files cannot be deleted (message: 'in use' or similar).
    2. Does not allow pendrives/USB sticks to be 'safely removed' and disconnected (message: 'in use').
    3. Task Manager, when clicked open, shuts off and collapses on its own.
    4. Did not allow me to open the website of an antivirus (Quick Heal) I wanted to use for online scanning; I had to use a proxy server to get to the site.
    5. When I downloaded a trial version of the above AV and tried to run it, the console was automatically switched off and collapsed, in the same way as happens with Task Manager.
    And I found this yesterday as I followed this site's "Malware Removal Procedure":
    1. It changes the 'folder view options' back, after I select "show hidden folders", to "don't show hidden folders".
    2. After I ran SAS the first time, following the "Windows XP Malware Removal/Cleaning Procedure", I found the installed SAS got infected, and it wouldn't run the second time (I tried this because I found out about point 1 above). The message read: "floating point support not loaded".
    3. Combofix did not run. The message was something like: "combofix file is infected with 'virut'. download again and try". I tried it three times. Same results.

    I am presuming that I do not need to write about my hardware and operating system, as it would be reflected in the logs I attach. Right?

    What I encountered during/after the "Windows XP Malware Removal/Cleaning Procedure":

    1. The SAS run went OK. A log was prepared. But I found the folder view options had changed back to "do not show hidden folders". So I had to reinstall SAS (since the original did not run because of the runtime error). More threats were detected and cleaned. This was the second log; should I post it? (I will do it only when someone amongst you asks me to.)
    2. The MBAM run went OK. Log prepared. (Though I found the same problem as above again, I let it go.)
    3. Combofix could not run, as it said it was an infected file. Left this after trying 3 times.
    4. RootRepeal: the moment I clicked the .exe, a message box (AND a log window) popped up with this message: "Error - invalid PE image found!".
    5. But the scan went on after I clicked "OK". A scan log was generated.
    6. MGtools seemed to run without any unusual message.

    So, I am attaching the following 4 logs only, since Combofix did not run.
    1. SASlog.txt log from SuperAntiSpyware.
    2. Malwarebytes Anti-Malware log
    3. RRlog.txt (from RootRepeal)
    4. MGlogs.zip - C:\MGlogs.zip

    Since I am new and green, I am a bit anxious that I may have unwittingly broken some said/unsaid rules or decorum. I apologise for that slip-up in advance, and request you to please let me know. It would make it easier for you to help me.

    Waiting for your help, with a question running in my head: "would it be better to reformat the whole darn thing?"

    Warm regards
    biren
     

    Attached Files:

  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I want you to run TDSSKiller so refer to the below for how to do so.

    TDSSkiller - How to run


    Please also download MBRCheck to your desktop.
    • Double-click MBRCheck.exe to run it (on Vista and Win 7, right-click and select Run as Administrator).
    • It will show a black screen with some information that will contain the line below if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like the below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point, since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt, which is random based on date and time.
     
  3. biren

    biren Private E-2

    Thank you, Kestrel...

    I am attaching both reports, from MBRCheck and TDSSKiller.
    Both were OK (TDSSKiller found suspicious items but no malicious items).

    I hope this is what you wanted me to do.

    Thank you once again, Kestrel.


    Warm regards
    biren
     

    Attached Files:

  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    The reason you are having a problem fixing this is apparent in the runkeys.txt log, which is part of MGtools. Registry editing and also Task Manager will be constantly getting disabled, which is due to the Sality infection you have. This can be seen in the entry from your system.ini file shown below.
    For additional info, see W32/Sality.ai and also see the below. There are many forms of Sality:

    Virus:Win32/Sality.R

    Virus:Win32/Sality.AT


    These types of infections frequently require a reinstall to properly remove all traces and to fix the damage it causes.

    You can try the below tools but I have never seen them work properly:

    http://free.avg.com/us-en/win32-sality

    http://support.kaspersky.com/viruses/solutions?qid=208279889
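Added example, not code from the thread, from MajorGeeks or from any of the tools named above: a small Python audit of the two indicators Kestrel13! points to, a policy that keeps Task Manager and registry editing disabled, and a section in system.ini that a stock Windows XP install does not carry. It assumes the run-key log was exported as .reg text (the hypothetical `SAMPLE_REG` and `CLEAN_REG` strings) and that the reference system.ini sections are those of a stock XP; the `INJECTED_SECTION_PLACEHOLDER` section name and all inputs are constructed.

```python
"""Audit a registry export and a system.ini for the two indicators named
above: policy values that disable Task Manager / registry editing, and a
section in system.ini that a stock Windows XP install does not carry.
Added example, not from the thread; every input below is constructed."""
import re

# Sections present in a stock Windows XP system.ini (assumption: compare
# against a known-clean machine if your build differs)
STOCK_SYSTEM_INI_SECTIONS = {"386enh", "drivers", "mci", "driver32"}

# Policies\System values that, when non-zero, disable the two tools
POLICY_KEY_SUFFIX = r"\software\microsoft\windows\currentversion\policies\system"
POLICY_VALUES = {"disabletaskmgr", "disableregistrytools"}

_SECTION_RE = re.compile(r"^\s*\[([^\]]+)\]\s*$")
_DWORD_RE = re.compile(r'^\s*"([^"]+)"\s*=\s*dword:([0-9a-fA-F]{8})\s*$')


def foreign_ini_sections(ini_text):
    """Return section names in system.ini that are not in the stock set."""
    found = []
    for line in ini_text.splitlines():
        m = _SECTION_RE.match(line)
        if m and m.group(1).strip().lower() not in STOCK_SYSTEM_INI_SECTIONS:
            found.append(m.group(1).strip())
    return found


def disabled_tool_policies(reg_text):
    """Return (key, value_name) pairs where DisableTaskMgr or
    DisableRegistryTools is set to a non-zero DWORD under Policies\\System."""
    hits = []
    current_key = None
    for line in reg_text.splitlines():
        m = _SECTION_RE.match(line)
        if m:
            current_key = m.group(1).strip()  # a [HKEY_...] key header
            continue
        m = _DWORD_RE.match(line)
        if not m or current_key is None:
            continue
        name, value = m.group(1), int(m.group(2), 16)
        if (current_key.lower().endswith(POLICY_KEY_SUFFIX)
                and name.lower() in POLICY_VALUES and value != 0):
            hits.append((current_key, name))
    return hits


def audit(reg_text, ini_text):
    """Combine both checks; 'suspicious' is True if either one fires."""
    policies = disabled_tool_policies(reg_text)
    sections = foreign_ini_sections(ini_text)
    return {
        "disabled_tool_policies": policies,
        "foreign_ini_sections": sections,
        "suspicious": bool(policies or sections),
    }


# Constructed sample: a .reg-style export resembling the infected state
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"""

# Constructed sample: the same key on a clean machine (value present but 0)
CLEAN_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000000
"""

# Constructed sample: stock XP system.ini plus one section that does not belong
SAMPLE_SYSTEM_INI = """; for 16-bit app support
[386Enh]
woafont=dosapp.fon
[drivers]
wave=mmdrv.dll
timer=timer.drv
[mci]
[INJECTED_SECTION_PLACEHOLDER]
SomeValue=1234
"""

if __name__ == "__main__":
    for name, value in audit(SAMPLE_REG, SAMPLE_SYSTEM_INI).items():
        print(f"{name}: {value}")
```

Run it against a real export by reading the .reg file and system.ini into the two strings; a hit on either check is a reason to stop trusting the machine's own tools, which is why a reinstall is the usual answer for this family rather than repeatedly re-enabling Task Manager.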
     
  5. biren

    biren Private E-2

    Thank you, Kestrel...

    Does it mean I will have to reformat the whole thingy?
    :(

    Here is something that could give you further info about my (laptop) infestations.
    They are reports generated by my AV (Quick Heal), installed on my desktop (which I used to download all files suggested here in the malware removal process, taking them to the laptop through a USB stick/pendrive), showing the viruses that got lodged in my USB stick from my laptop.

    I hope this helps, even though you have not asked for it.

    On second thought... I think I will rather go in for a complete re-install.
    Where should I post for help with this, as I don't have CDs for all programs installed on my laptop, except, maybe, the OS WinXP?
     

    Attached Files:

    Last edited: Jun 9, 2012
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Yes, sadly it is absolutely infested with it. You may post in the software forum for further assistance with formatting. :)
     
