Got a bad RootKit! Help!

[SkynetCore]

Thanks again essexboy!  


I suspect I should leave the Microsoft Windows Recovery Console line as it is,
just before the XP one.

Is this what it should look like?

----------------------------------------------------------------------

[boot loader]
timeout=10
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional"
/fastdetect

----------------------------------------------------------------------



EDIT:

Now we're getting somewhere!

Successfully rebooted (well, still had to F8...) and the system feels better now... (faster.)


I'm still heavily infected I think, but this felt like
a step in the right direction!

The boot.ini was the same after boot and I had to change to an
admin account to access it. Which is good!

[essexboy]

OK that is now cleared so lets hit the next problem... Did you reset boot.ini under the admin credentials 

What do you want to fix now ?

[SkynetCore]

Yep, boot.ini under admin rights.


I would like to clean my system down among the hardware, well aware that's not easy...


I read up on TDL3 a bit and Panda seemed to have a potent tool, but the trouble with
that is I still can't boot from any CD drive, not even a brand new external one.

Means I can never reinstall XP or boot from a cd...



Will Windows Recovery Console mess with a boot from a CD?

I tried to boot from a Panda Safe Disc, but WRC and XP just took over and the
CD never got a chance to get interrupted by the virus... 
 

[essexboy]

http://support.microsoft.com/mats/cd_dvd_drive_problems/en-us  this link has a fixit for cd problems, give it a run and let me know if it succeeds

Will Windows Recovery Console mess with a boot from a CD?

No

I would like to clean my system down among the hardware, well aware that's not easy...

Could you expand on what you want to achieve with this

[SkynetCore]

Okay, a very late addition, but I want to ask here as the history of
what's happened to my computer is in the thread.


Here's what my C partition (running XP Pro) looks like today:

     


A question for the experts:

Are there any files here that I can safely remove in order to
make it less cluttered?


I now use the Windows Recovery Console and I suspect the Qoobox Folder
comes from the ComboFix install and should'nt mbe messed with...


Any suggestions?
     

[essexboy]

Remove ComboFix

• Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  
• In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK
  
  
• Follow the prompts on the screen
• A message should appear confirming that ComboFix was uninstalled

CMDCONS is your recovery console so you need to keep that

The remainder are system files and should be left

Does the CD now work ?

What problems remain ?