Help With Malware not very technical

[JAGUARD77]

I had Avast for about a year without any issues but it seems that I got infected with a malware or something. It started to what appear to be a virus protection update but it was not from Avast. It then goes into IE automatically and I am not able to go into any website at ALL. I tried the msconfig but it says cans msconfig.exe is infected and it says the same for everything that I try to open. I do not even know what file is infected or anything. I cannot even go into safemode, does anyone have some information that can help me. I am really desperate at this point and any help will be greatly appreciated. I do not know if I put all the information for anyone to give me addditional assistance but if I did not please let me know what else is need it.

[DavidR]

Scum/scam/scareware, rogue security program usually issuing fake security warnings so you will buy...

If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

• 1.  MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
• 2. SUPERantispyware On-Demand only in free version.

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

[Pondus]

Dr.Web® LiveCD

Emergency System Recovery Disk http://www.freedrweb.com/livecd/?lng=en
How does it work? http://www.freedrweb.com/livecd/how_it_works/

you probably have to download and make the cd on a clean computer

[JAGUARD77]

I tried both of the advises but I can't run either of them. Is there a way to install these in safe mode. I am really frustated because this is the first time this happens to me.

[DavidR]

Why can't you install them, what errors are you getting ?

[Tarq57]

You will need access to a clean computer with a disk burner to use these CD's.
Basically, you are downloading a file to burn to a CD and then boot the sick computer from that CD. It is often the only way to fix an infected computer showing the symptoms you describe, because you are not able to access anything from within the OS.

Read the instructions for burning and running the CD carefully.

[JAGUARD77]

Well, I finally got it fixed. I was able to set the reboot sequence to start with the cd drive first and that is how it finally worked. Thanks for giving me hand, I really learned a lot from this site.

[Pondus]

was it the Dr.Web CD that fixed it?
what was found?

[JAGUARD77]

Well I spoke too soon. After I though everything was fixed i upgraded to Avast Internet security, i was able to install it in two of my computers but the infected one will not let me update, upgrade of put up my firewall. Recently my internet stoped working and it says that it has a slow connection and does not allow me to troubleshoot it. I installed and ran Malware bytes and found ceveral infected files and it says they were deleted but still no success running Avast Internet Suiet or connecting to the internet. I will take another laptop to work to try and copy the malware bytes log file because I am able to connect other laptops via wireless just not the infected one. I really do hope there is a fix for this.

[Tarq57]

Did you try burning/running the CD's linked to above?
Or just running MBAM?

If the answer to the first question is "no", the recommended course of action should be fairly obvious.
Let us know if you need any help with that.

[JAGUARD77]

It looks like I am still going to need more hlep guys. I ran Malwarebytes and found several threats but for some reason I can't save the log file into a cd to upload it on my good computer. I reinstalled Avast Internet security because the firewall was not turning on; that has been fixed. I also ran Hitman Pro3.5 and also found some malware. The computer seems to be running fine but I cannot connect to the internet now, it ways it has a connection but I press the Internet Explorer and nothing happens. Before restarting the computer it says ieexplorer.exe in not responding and I have to press "end now" to continue. All virus scanners and malware software have been saved into a cd and I then insert the cd in the infected computer and run it.
Any Ideas? Please consider that I am not very technical with software and programs but I can follow step by step instructions pretty good. I have over 2 weeks with this issues and I am very tempted to call a technician and spend money I don't have, please help.

[JAGUARD77]

Correction:

this is the window pop ups I get when restarting:

ImApp.exe
iexplore.exe

both not responding.

[essexboy]

OK lets try the following from normal mode

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTS  to your Desktop

• Close ALL OTHER PROGRAMS.
  
• Double-click on OTS.exe to start the program.
  
• Check the box that says Scan All Users
  
• Under Additional Scans check the following:
• Reg - Shell Spawning
• File - Lop Check
• File - Purity Scan
• Evnt - EvtViewer (last 10)

• Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav

• Now click the Run Scan button on the toolbar.
  
• Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it.
  
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
  

Please attach the log in your next post.

[JAGUARD77]

Thank you, OTS is scanning right now. Hopefully I can get the result in today; I really want to get it over with, it has been a nightmare.

[JAGUARD77]

Here is the OTS log file,I hope it helps. Thanks for everyone's help.