Laptop in Serious Trouble...

Recently My Laptop (Vista, Service Pack 2) has been Getting a Screen Which Just has a Small Proportion of the screen Repeated to fill the entire Screen. At First i Thought it was Just Overheated But Avast! and Panda Cloud Stopped Working (Could not Start Modules etc.)I Downloaded Malwarebytes to find 24 Infections but then to Get the Screen Which I mentioned Above.

Windows Defender (Very Outdated Version, Would not let me update) Had a Fake ECard Trojan in the Vault so I Deleted that to no avail.
I Cannot Get the Screen or the Logs of Malwarebytes as it had not Finished.

I Have also Run TDSS Killer and GMER (Didn’t Finish, it came up the screen)

Any Help Would Be Appreciated.

many Thanks,
SgtSimpson

P.S I Know its Not Overheating as it only happens when Running Security programs.
PP.S The Screen Only happens when running Firefox, Chrome or Security Programs (However it does not effect Windows Defender.)
PPP.S None of the Safe Modes work

Anyone?
This Is VeryUrgent!

Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
( post the logs here in this topic and not in the guide )

To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( Malwarebytes log / OTS log ) save OTS log as ANSI

Essexboy will look at the logs when posted

Thanks for the Reply!
I’ll Put the OTS Log As Soon As It’s Finished.
I Just Want to Update my Post Saying that SuperAntiSpyware Found Mywebsearch and a few other Pieces of adware before crashing. It Also Found a Unknown Piece of Something with an Unknown Origin. I Would give you the log except the laptop Crashed.
OTS Log Uploaded and Attached.

Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.

 
[Unregister Dlls]
[Win32 Services - Safe List]
YN -> (CLTNetCnService) Symantec Lic NetConnect service [Auto | Stopped] -> 
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YN -> "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here

I will review the information when it comes back in.

Depending on what the fix contains, this process may take some time and your desktop icons might disappear or other uncommon behavior may occur.

This is no sign of malfunction, do not panic!

THEN

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

[]Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
[
]Double click on ComboFix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Here is the OTS Fix Log

Ill Upload the Combofix log as soon as I Can!

Many Thanks For Helping me!

EDIT: ComboFix wont finish. Ive Left it for an Hour but it’s stuck at like 99%. Ive tried this on administrator as well.
Any Ideas?

I Don’t Mind Upgrading to Windows 7 as I Dont have any important files.

On the following programme I am more interested in the analysis scan - so if the AV scan fails then just run the analysis part. As the log is a zip file and the forum does not allow that type of attachment then upload to Mediafire and post the sharing link.

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Once it has finished select report and post that.

http://i1224.photobucket.com/albums/ee362/Essexboy3/avpfront-1.jpg

Do not close AVPTool or it will self uninstall, if it does uninstall - then just rerun the setup file on your desktop

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users[i]your name[/i]\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip

http://i1224.photobucket.com/albums/ee362/Essexboy3/avpmanual.jpg

I had Already Beat you to the Scan!
It Showed i had a Generic malware 32: Hack tool in my recovery Call Wiz.exe

Here is the System Info From The Program:
http://www.mediafire.com/?fo8nkea4idia2j3

On completion of this run can you check safe mode, if it is available then retry Combofix please

[*]Re-run AVPTool
[*]Select the Manual Disinfection tab
[*]Where it states Step 3 paste in the following disinfection script and press execute

begin
SetAVZPMStatus(True);
SetAVZGuardStatus(True);
SearchRootkit(true, true);
 RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}');
 DeleteFile('F:\autorun.inf');
 BC_DeleteFile('F:\autorun.inf');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteRepair(10);
BC_Activate;
RebootWindows(true);
end.

[]Your system will reboot on completion, if it does not please do so yourself
[
]On completion please run another analysis scan and attach the zip file

http://i1224.photobucket.com/albums/ee362/Essexboy3/avpmanual.jpg

http://www.mediafire.com/?gcm3rb3w7rvcm8v
Here is the Zip Again. After the Fix was Done.
Ill Get the combofix now if it works

Sorry about the long time to reply!

Question: Comboxfix is saying that panda and Avast are still active despite being stopped from Task manager. Do I Continue?

Yes continue but do not let them quarantine any files… Right click the Avast orange blob select shield control and disable for one hour

Avast or panda Are not Even On. No Exe’s for them. Nothing. Like i Said I Stopped the Service in Task manager. So I’m Green to Go Then?

Yep run away ;D

Ok Then!
Thank you For Helping me This Far!
It’s On Stage 3 At the Moment.

Here it is:
Note: I have had this laptop for 2 Years now just Watching movies. So Whats Here isnt mine.

OK could you now test out your laptop (including safe mode) and let me know of any residual problems

Still Seems Slow (Could be Vista), Explorer Keeps Freezing (Yet Again, Could be Vista), Can’t Turn Avast! Web Shield on (Need to Update First, So I Don’t Know About This), Malwarebytes Stll Comes up with Runtime Error 0 and 440. However Apart from That Everything seems Fine. Panda Cloud Reports as clean and Working.
Running a SuperantiSpyware Scan as I type.

Many Thanks!
I Don’t Know What the People of Avast! Would be without you Helping us!

Yet Again, Many Thanks!

OK lets tackle these one at a time ;D

Explorer (known vista problem)

From the Start menu, select all programmes, accessories
then right click the command prompt and run as administrator
In the Open field, type sfc /scannow (Note: There is a space between sfc and /scannow)
Select the OK button.
Follow the prompts throughout the System File Checker process.
Reboot the computer when System File Checker completes.

For Avast it sounds like a repair is needed
Go to control panel - programs and features
Select Avast
Several options will appear select repair

Malwarebytes uninstall via programs and features
Run this tool http://www.malwarebytes.org/mbam-clean.exe
Then download and install a fresh copy
http://img233.imageshack.us/img233/7729/mbamicontw5.gif
from Here.

Sorry for the Long Reply but…
I Did the System File checker and it found no bugs or errors.
Avast! is still not working. Still has the “please make sure avastsvc (Or Something along the lines of that) is not blocked by your personal firewall.” Which its Not. Avast! is a trusted program with all it’s .exe files, Trusted.
What Do I Do Now then?

What firewall are you running - or were running ?