Malware? svchost Rootkit infection? Hourglass on Taskbar

[johnsongary22]

Hi there,

I have received help in the Windows XP category with a problem I am having with my computer (http://www.computerhope.com/forum/index.php/topic,109452.0.html). Basically, out of the blue, upon bootup, the system keeps idling, with an hourglass when hovered over any part of the taskbar, with no functionality of any kind.

Based on me posting a list of the running Processes in the Task Manager (ctrl+alt+del), someone mentioned that svchost.exe running in my local service, network service, system, and network storage could be a rootkit infection.

I then went through the steps on the Computer Hope Malware Removal Guide.

The one problem encountered during these steps was in updating my JAVA. I did find that my version of JAVA was outdated and downloaded the newest version, however when running the installation as an Administrator, the system says that JAVA can not be installed in Safe Mode. Unfortunately, this is the only way that I can do anything, as Normal Mode I cannot access any programs or do anything at all.

The HijackThis log, Malwarebytes log, and SuperAntiSpyware log are attached.

Please let me know if there is any other information I can provide to help you guys get me some advice. I really hope to not have to take this into a specialist.

Thanks to everyone in advance

 

[recovering disk space - old attachment deleted by admin]

[SuperDave]

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Standard REATOGO Windows Recovery Environment.

Place a blank CD-R disc in to your CD burning drive.Download

OTLPEStd.exe and double-click on it to burn to a CD using the ISO Burner.Reboot your system using the boot CD you just created.

Note : If you do not know how to set your computer to boot from CD follow the steps here
Your system should now display a REATOGO-X-PE desktop.
Double-click on the OTLPE icon.
When asked "Do you wish to load the remote registry", select Yes
When asked "Do you wish to load remote user profile(s) for scanning", select Yes
Ensure the box "Automatically Load All Remaining Users" is checked and press OK
OTL should now start. Change the following settings

• Change Drivers to Non-Microsoft
  Press Run Scan to start the scan.
  When finished, the file will be saved  in drive C:\_OTL\MovedFiles
  Copy this file to your USB drive if you do not have internet connection on this system
  Please post the contents of the OTL.txt file in your reply.

[/list]

[johnsongary22]

I followed your instructions. When booting the computer from the OTLPEStd disk, there was an error, and now the computer won't boot up at all. It used to work fine in safe mode, and now it wont boot from safe mode at all. It stops when loading windows\system32\config\system.log

Am so lost now. Any help?

[SuperDave]

Hello Jason. Do you have your OS disk?