Antivirus soft malware

Hi there and thanks in advance. I'm not a computer genious but neither am i a novice and i thought i'd fixed the problem myself using your guide but still am having major issues.
im using an acer aspire laptop, windows xp pro
internet explorer / alternate firefox

EDIT:

I'm reading where a lot of ppl are having the same problem with the same malware. i found a thread (http://www.bleepingcomputer.com/forums/topic291498.html) with some steps to take and am going to go thru the steps advised (updating and running mbam and downloading and running atf and sas). i should be ble to do it in regular boot mode unless my comp goes haywire again. i will post results at the very end of post.
am i on the right track? if someone has other advice on some of the other issues below, in case they're not related, or im barking up the wrong tree, please let me know. thanks :D now on with the original message...

END OF EDIT.


after realising i had the antivirus malware i was able to get online with my alternate browser and followed your guide. the following problems occured.

i was able to download and run rkil but it found nothing in safe mode. i had to boot normally and run it before antivirus soft initiated startup. it found the similar files that you listed in your guide and i was able to remove them with killbox, but when i ran malwarebytes-anti malware, it found none of the files, no infections, nothing.

here are the files found by rkill.

C:\WINDOWS\system32\igfxsrvc.exe,
C:\WINDOWS\system32\ntvdm.exe,
C:\DOCUME~1\user\LOCALS~1\Temp\RtkBtMnt.exe
C:\DOCUME~1\USER\MYDOCU~1\RKILL.COM
(this last one is the rkill program itself, correct? is this normal?)

One of my questions is, are these files related to antivirus soft? if so can i delete them safely with killbox?

my computer is freezing up constantly, mouse function frozen (yes i've made sure it was turned on), can't do control alt delete/escape, only hard boot works. sometimes the boot gets stuck in a loop and at the desktop (sometimes after about a minute or so after destop loads, sometimes right away) a blue screen full of writing appears and it goes back into reboot. the screen only flashes so i can't read anything but the top line which says something to the effect that a problem has been detected..
sometimes after beginning to boot, it just goes to a black screen.
ive had it freeze up loading in safe mode also when all the info is still running across the screen, just locks up right in the middle of it all.
it freezes all the time in various ways you see
after rebooting several times it will usually work for awhile before freezing up again. it seems to do it more often than not if i leave it sitting idle for even a minute or two. im not movig the machine around alot or bumping it, but it does move somewhat.. it is a laptop.

also 9 times out of 10 my wireless conection is showing an issue, so i try and repair the connnection (right click on repair on toolbar icon) and it says it was unable to, but then it will start working again on its own. not sure if its related to my problem.

please help

RESULTS: ran updated mbam, atf, and sas in regular boot mode. mbam found 1 trojan, the others found several issues, all were repaired or deleted.
so far laptop is not freezing so i haven't had any reboot issues because i haven't had to reboot. i'm still skeptical tho. rkill is still finding the files listed below.

C:\WINDOWS\system32\ntvdm.exe,
C:\DOCUME~1\user\LOCALS~1\Temp\RtkBtMnt.exe
C:\DOCUME~1\USER\MYDOCU~1\RKILL.COM

additional problem: when doing a browser search (google, yahoo, bing), instead of pop-ups, my browser redirects to different kinds of advertisements or offers (full pages). sometimes when hitting the back button, it won't let me navigate away from the page, and sometime it goes to the originally intended search page, so there's obviously still a problem, so I still need help.

Edited by angicx, 10 February 2010 - 05:01 PM.

I suggest that you follow the instructions I give you and submit a DDS log
If you use any type of CD emulator like Daemon Tools, you need to uninstall it for the time being
Start at step



Please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". If you cannot complete a step, then skip it and continue with the next. In Step 6 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.


When you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

The HJT team is very busy and it will take awhile to get to your post
Please be patient and good luck

Mark is it? Thank you so much for your reply and advice, I will try and get to it asap... or as soon as my 2 year old allows it
Haha, thanks again!
Angi

still having redirect issues with browser and freeze ups.
cannot open the link "windows xp backup made easy" online (page just stays blank very time i try to access link and i've tried clicking on link, and typing it in directly, and with different search engines...also while holding down control alt to bypass popup blocker. i guess it's an issue with ths virus or malware?)
i can get to an explanation of how to back up directly thru microsoft website, but can't get it to work for me.
the wizard takes me thru the beginning but when i get to backup type, destination, and name, i get this error window and msg every time, and i've tried different names and locations...

Backup Utility
the backup file name could not be used
"d:\backup.bkf"
please ensure the path is valid and that you have sufficient access.

it will let me back up to c drive (i think) but doesn't that defeat the purpose if that's my main drive? i let it run like that anyway but am not sure if it's going to be helpful or just take up more unneccessary space..

here's the save file from that backup. it says "back up of c", so i may have been succesful and just don't realise it because I have no idea where it actually backed up to, and if that's the case, let me apologise in advance for this post.

Backup Status
Operation: Backup
Active backup destination: File
Media name: "backup.bkf created 2/11/2010 at 2:51 PM"

Backup (via shadow copy) of "C: "
Backup set #1 on media #1
Backup description: "Set created 2/11/2010 at 2:51 PM"
Media name: "backup.bkf created 2/11/2010 at 2:51 PM"

Backup Type: Normal

Backup started on 2/11/2010 at 2:52 PM.
Backup completed on 2/11/2010 at 3:02 PM.
Directories: 783
Files: 8990
Bytes: 1,677,619,351
Time: 10 minutes and 39 seconds

----------------------


i wanted to back up to a hard disk (will dvd-r work by any lucky chance?) but it doesn't give me that option at all, only c and d drives show up...

what the heck?

Edited by angicx, 11 February 2010 - 04:07 PM.

I have never used the Windows back-up utility. I use Acronis that makes weekly incremental back-ups
You might post your question in the XP forum

ok thanks