Malware infection in XP. Can't see Taskbar. How to solve this?

Greetings.

My Windows XP boots fine until the screen for the selection of the User account. When I select an account (doesn't matter which), the Taskbar/Desktop icons never appear.
But things seem to be working, though, as sometimes, some alerts from Panda Antivirus appear (but just advertisement. They don't reference any virus).

I can start the Windows Task Manager (via Ctrl+Alt+Delete) and I see that I have some malware processes running (e.g. 9129837.exe, xccef090131). I terminate them. I've also found that in the folder Windows/system32 there were some malware executables. I've also deleted them.

However, when I restart the computer, those malware processes/executables are created again.

I've also seen some messages saying that "msas2009.exe" and the application Utool has found some errors. These are also known malware.


Things I've tried: running Malwarebytes, but I can't install it. I go to Windows Task Bar -> File -> New Task (Run...) and try to run the setup for Malwarebytes, but nothing happens.
But, some executables I can run: I run the Command Prompt without any problems (via the same system).

I've also tried to terminate the explorer.exe process and re-running it. Still, no Taskbar appears.

Finally, I've run a full system scan with Panda Antivirus 2009... Nothing was found...

Anyone knows how I can remove this malware. Maybe by seeing the programs that are being run as Windows starts and eliminating some?

Help me, please.

NOTE: The same thing happens when I launch XP in Security Mode (by holding F8 at start-up).

 

Download Malwarebytes and run it.

Lets see what happens.

Also,download this and run it.

Paste the log here.

Cheers.

 

I think I remember having a Virus like this in my old Laptop. I believe I finally god rid of it, by running Hijack this, and searching for "I think it is called Dr. Webb", but I ran it, and it cleaned it.

Sorry I can't be more specific, was a LONG time ago.

Edit: Yes, I was right. The name of it is Dr. Web Anti Virus. I remember having to run it in Safe Mode.

 

When you've downloaded the MBAM installer, rename it to ABC.exe, then install ABC(MBAM).exe.
Don't update the program yet but close it. Go to the MBAM folder and rename MBAM.exe to ABCD.exe, then run ABCD(MBAM).exe, update the program first and then do a full scan in safe mode.
Cheers.

 

Baserk, just curious, why do you have to rename the .exe? Is it because the malware/virus will prevent you from running it and renaming it is to a get around?

 

Yep.
Some malware will try to block installing AV/AS programs, some try to block updating virus/malware signatures and some will block running antimalware programs.

 

You were right. Renaming the executable, solved the problem. Thanks.

I'm running Malwarebytes right now. It will take a few hours, though. I'll keep y'all updated.

 

You should have done a quick scan first but no biggie .

 

Malwarebytes reported 53 infected files. I've removed them. Now (after rebooting), it can't find any more infected files, however, nothing seems to have changed (still no Taskbar/desktop icons).

HijackThis's log is:

 

You still have malware on it.

Try removing this in safemode.



some info on the problem....


http://www.norman.com/Virus/Virus_descriptions/49634/en?show=additional

 

Thanks for the info.


What about running super antispyware, I've noticed that sometimes it picks up stuff that malwarebytes doesn't.

 

My computer was infected with Virus.Win32.Virut.ce.
The computer used to have Panda Antivirus installed. But since it proved inefficient and since Kaspersky recognized Virut (and could disinfect files infected by it), I uninstalled Panda and installed Kaspersky 2009. The installation went fine until I rebooted my computer.

Besides only seeing the desktop. I couldn't access the Windows Task Manager. I couldn't run any program.

So I ended up using a bootable CD to copy the files I wanted and reinstalled Windows.
All is well now.