Hello, this is my first post to this forum as I have usually had good luck with removing most malware on my own. This one has me stumped, however, so I would appreciate any help I can get. Up front, I will say I am experienced with computers (or at least the software side of things) though I'm certainly no expert. Here is some key information:
OS: XP Pro, Service Pack 3
Anti-Virus: AVG (newest software version as far as I can remember)
Anti-Malware Programs: Ad-Aware Anniversary Edition
Spybot S&D (With TeaTimer, though I already read on your list of info to disable it for now)
*I am aware that you recommend two other programs (SuperSpyware and some other). I am willing to switch to those if recommended, but for now I do not have the option to as you will see.
Here is my problem. I got one of those annoying popup programs that pretends to be anti-virus claiming I had lots of infections and to buy their software. I knew I had at least one infection, namely that program popup. I ran Ad-aware immediately, it found 2 Trojan items, which I selected to remove. It informed me that to finish the removal process I needed to reboot. I did so, immediately. Upon startup, the normal XP login splash screen with user icons was replaced by a simple login box (with my username already filled in to the top box, with a blank password box below). I logged in.
Before anything popped up, I got the blank background and mouse, and then it told me that Data Execution Prevention blocked "Userinit Logon Application." I click close message. Nothing else loads. I hit alt-ctrl-del, Data Execution Prevention stops that. Finally, clicking ACD multiple times I get task manager. Depending on the bootup (I have restarted my computer now multiple times trying different fixes to no avail), I'll have about 6-7 copies of svchost.exe, lsass.exe, services.exe, winlogon.exe, csrss.exe, smss.exe, wuauclt.exe, System, System Idle.
I try to run explorer from task manager to get my desktop. Sometimes nothing happens to the processes box of task manager, and sometimes dumprep.exe shows up before Data Execution Prevention kills explorer. For this reason I have been unable to run any of my anti-malware programs again (running ad-aware from task manager fails, though the services show up in processes the application never actually launches; similiar problems with spybot and avg).
Hijackthis, being a simple program, seems to launch no problem however. I have included a log with this post, though to be sure it does not seem to point to any particular problem (I'm still a newb when it comes to reading hijackthis logs, though I have used to to some success from time to time removing obviously malicious stuff).
EDIT: One more thing. I have started the computer in safe mode without networking as well, but even there NOTHING loads and task manager attempts to run explorer.exe result in the exact same problems.
EDIT2: So I killed the dumprep.exe program right as it started, and it never got a chance to kill explorer.exe. I got that running, opened up my Ad-Aware and started a full scan. I'll let you know what it turns up when it finishes.
As an added note, my internet does not work. Though I am connected to my local wireless network, when I open IE7 it says loading proxy settings, then no matter where I try to point the browser it redirects me to
http://browser-security.microsoft.com/block.php?r=6.16I hope editing doesn't bump, because I am really not trying to do that.
Any help would be appreciated, and if you have any other questions I'll be here to answer them. Thank you so much in advance for any help!!
[attachment deleted by admin]