
[Non-curable - Virut] Unable to access Microsoft.com or validate Vista

Discussion in 'Malware and Virus Removal Archive' started by Aussieboy, 2009/05/16.

  1. 2009/05/18
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    That wasn't the problem; it was just saying that it couldn't find any problems to fix and that I should try removing any recently added hardware like portable media players and things like that.

    Good news at last: I got normal mode to start and work. I'll scan and post logs soon.

    What I did:
    - msconfig
    - disabled all unneeded services, plus I disabled a few Microsoft services
    - disabled all startup items except for AV and Spybot
    - restarted, and it allowed Windows to work normally
     
  2. 2009/05/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Very well then :)
     


  4. 2009/05/18
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 05/19/2009 at 08:15 AM

    Application Version : 4.26.1002

    Core Rules Database Version : 3895
    Trace Rules Database Version: 1843

    Scan type : Complete Scan
    Total Scan Time : 00:41:15

    Memory items scanned : 509
    Memory threats detected : 0
    Registry items scanned : 7999
    Registry threats detected : 0
    File items scanned : 24813
    File threats detected : 19

    BearShare File Sharing Client
    C:\PROGRAM FILES\BEARSHARE APPLICATIONS\BEARSHARE\BEARSHARE.EXE

    Adware.Tracking Cookie
    C:\Users\Adam2\AppData\Roaming\Microsoft\Windows\Cookies\adam2@serving-sys[2].txt
    C:\Users\Adam2\AppData\Roaming\Microsoft\Windows\Cookies\adam2@doubleclick[2].txt
    C:\Users\Adam2\AppData\Roaming\Microsoft\Windows\Cookies\adam2@ad.yieldmanager[2].txt
    C:\Users\Adam2\AppData\Roaming\Microsoft\Windows\Cookies\adam2@ads.infinisource[1].txt
    C:\Users\Adam2\AppData\Roaming\Microsoft\Windows\Cookies\adam2@bs.serving-sys[1].txt
    C:\Users\Adam2\AppData\Roaming\Microsoft\Windows\Cookies\adam2@tribalfusion[1].txt

    Trojan.Unknown Origin
    C:\WINDOWS\TEMP\VRT1D40.TMP
    C:\WINDOWS\TEMP\VRT3AFC.TMP
    C:\WINDOWS\TEMP\VRT3DE9.TMP
    C:\WINDOWS\TEMP\VRT3E66.TMP
    C:\WINDOWS\TEMP\VRT429A.TMP
    C:\WINDOWS\TEMP\VRT46CF.TMP
    C:\WINDOWS\TEMP\VRT4DA2.TMP
    C:\WINDOWS\TEMP\VRT557E.TMP
    C:\WINDOWS\TEMP\VRT57DF.TMP
    C:\WINDOWS\TEMP\VRT624A.TMP
    C:\WINDOWS\TEMP\VRT6AA4.TMP
    C:\WINDOWS\TEMP\VRT6AC3.TMP
     
  5. 2009/05/18
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    Malwarebytes' Anti-Malware 1.36
    Database version: 1945
    Windows 6.0.6000

    19/05/2009 9:55:40 AM
    mbam-log-2009-05-19 (09-55-40).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 174798
    Time elapsed: 1 hour(s), 32 minute(s), 53 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  6. 2009/05/18
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:56:46 AM, on 19/05/2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16764)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Adam\Desktop\Programs\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://au.rd.yahoo.com/customize/ycomp/defaults/sp/*http://au.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.da-forums.org/index.php
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ycomp/defaults/su/*http://au.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-21-1275490929-3834731154-2838317729-1000\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe (file missing)
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe (file missing)
    O23 - Service: CyberLink Media Library Service - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (file missing)
    O23 - Service: eDataSecurity Service - Unknown owner - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (file missing)
    O23 - Service: eLock Service (eLockService) - Unknown owner - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (file missing)
    O23 - Service: eNet Service - Unknown owner - C:\Acer\Empowering Technology\eNet\eNet Service.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Unknown owner - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (file missing)
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (file missing)
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
    O23 - Service: ePower Service (WMIService) - Unknown owner - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe (file missing)
    O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)

    --
    End of file - 7144 bytes
     
  7. 2009/05/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Open HJT, and checkmark:
    - O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
    Click "Fix checked" button.

    How is your computer doing now?
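As an added illustration of the log format being read above (example code, not from the thread or from HijackThis itself): a small parser that splits HJT item lines into fields and picks out the toolbar entry the moderator asked to fix. The regexes, function names and record layout are assumptions of this example; the sample lines are copied from the log posted above.

```python
"""Parse HijackThis v2 log lines into records for triage (added example)."""
import re
from typing import Optional

# Every HJT item is "<section code> - <body>", e.g. "O23 - Service: ...".
ITEM_RE = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.*)$")
# Body layouts handled here (assumed from the log above): O3, O4 and O23 only.
TOOLBAR_RE = re.compile(
    r"^Toolbar: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
RUN_RE = re.compile(r"^(?P<hive>.+?)\\\.\.\\Run: \[(?P<label>[^\]]*)\] (?P<cmd>.+)$")
SERVICE_RE = re.compile(
    r"^Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+?)"
    r"(?P<missing> \(file missing\))?$")

# Constructed sample: five lines copied verbatim from the HJT log in the thread.
SAMPLE_LOG = r"""
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
"""

# The toolbar CLSID the moderator told the poster to "Fix checked" (from the thread).
FIX_CLSIDS = {"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}"}


def parse_item(line: str) -> Optional[dict]:
    """Return a record for one HJT item line, or None for non-item lines."""
    m = ITEM_RE.match(line.strip())
    if not m:
        return None
    code, body = m.group("code"), m.group("body")
    rec = {"code": code, "raw": line.strip(), "kind": "other"}
    if code == "O3" and (t := TOOLBAR_RE.match(body)):
        rec.update(kind="toolbar", **t.groupdict())
        rec["clsid"] = rec["clsid"].upper()      # CLSIDs are case-insensitive
    elif code == "O4" and (r := RUN_RE.match(body)):
        rec.update(kind="run", **r.groupdict())
    elif code == "O23" and (s := SERVICE_RE.match(body)):
        rec.update(kind="service", **s.groupdict())
        rec["missing"] = rec["missing"] is not None   # binary absent on disk
    return rec


def parse_log(text: str) -> list:
    """Parse every item line of an HJT log, skipping blanks and header text."""
    return [r for r in map(parse_item, text.splitlines()) if r]


def fix_candidates(records: list, clsids=FIX_CLSIDS) -> list:
    """Raw lines whose toolbar CLSID is on the fix list (what to checkmark)."""
    return [r["raw"] for r in records
            if r["kind"] == "toolbar" and r["clsid"] in clsids]


def missing_services(records: list) -> list:
    """Names of O23 services whose executable HJT reports as missing."""
    return [r["name"] for r in records if r["kind"] == "service" and r["missing"]]
```

Services flagged "(file missing)" are stale registrations rather than infection markers on their own; the fix list is what the moderator's instruction reduces to.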
     
  8. 2009/05/18
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    Computer is doing fine now. I typed in microsoft.com and it worked for once! So I'll start Windows Update now, see if there are any updates I'll need, and see how I go.

    Fixed Toolbar: BearShare MediaBar with HJT.
     
  9. 2009/05/18
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    I tried to validate my Windows via the Microsoft site, but it says it can't due to an unauthorized change, or that the Software Licensing service needs a restart.

    I followed their steps to restart the service, but I get an error message saying that it's not responding.

    Steps I followed
    I still have no Control Panel, and Windows Update doesn't work at all.
    Also, I am getting a popup now: occasionally a web page opens up at startup and randomly while the computer is on.
     
  10. 2009/05/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
     
  11. 2009/05/19
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    ComboFix doesn't start; it comes up with this error message:

    That is the exact error message I get from either of the ComboFix downloads from the links that you said to use.
     
  12. 2009/05/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I was hoping it wouldn't come to this conclusion, but let's double-check...

    Please download DrWeb CureIt (http://www.freedrweb.com/) & save it to your desktop.

    Scan with DrWeb-CureIt as follows:

    * Double-click on drweb-cureit.exe and then click Start. Click OK in a pop-up window allowing Express Scan.
      o This is a short scan that will scan the files currently running in memory; when something is found, click the Yes button when it asks you if you want to cure it.
    * Once the short scan has finished, click Options > Change settings.
    * Choose the Scan tab, uncheck Heuristic analysis and click OK.
    * Back at the main window, select the Complete scan button.
    * Then click the Green Arrow (Start Scanning button) on the right and the scan will start.
      o Click Yes to all if it asks if you want to cure/move any file(s).
    * When the scan is done...
    * In the Dr.Web CureIt menu on top left, click File and choose Save report list.
    * Save the DrWeb.csv report to your Desktop.
    * Exit Dr.Web CureIt.

    * Important! Reboot your computer, because it could be possible that files in use will be moved/deleted during reboot.

    * After reboot, leave the Dr.Web CureIt log on the desktop.

    Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.csv report.

    NOTE. During the scan a pop-up window will appear, asking you to buy a full version. Simply close the pop-up window.
     
  13. 2009/05/19
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    Couldn't access the software from the website you supplied, due to the fact that I can't access that website, so I googled around and found it here: http://download.cnet.com/Dr-Web-CureIt/3000-2239_4-128071.html?tag=mncol

    I got a blue screen a few seconds into the full scan.

    Rebooted, and now when I log in I am faced with this error message from Windows.
     
  14. 2009/05/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    We're gonna give it another shot. Please check my PM to you.
    Make sure you read the very last sentence carefully.
     
  15. 2009/05/19
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    I got a blue screen when I went to save the report list after the full scan. I did find a CureIt.log, but it's huge, so I don't think that was what you were asking for.
    I would attach it to this, but I don't know how :p
     
  16. 2009/05/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  17. 2009/05/20
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    Sorry about this huge delay in the process; I have been fighting off a small flood in my house. Just uploading the 50 MB Notepad file now.
     
  18. 2009/05/20
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
  19. 2009/05/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Unfortunately, my worries came true.
    CureIt.log clearly indicates your computer is infected with Virut.
    Unfortunately again, there is no known cure for this type of infection.
    Your only course of action is to format the hard drive and reinstall Windows.

    I'm sorry we couldn't help this time :(
     
  20. 2009/05/21
    Aussieboy

    Aussieboy Inactive Thread Starter

    Joined:
    2009/05/16
    Messages:
    23
    Likes Received:
    0
    Ooo damn :( :( Well, could you point me in the direction of a guide to format the hard drive? I'll have to go out and buy a Windows install CD, as my laptop didn't come with one, just a Windows license. Damn cheap Acer, grrr.

    Thanks for all the time and effort you have put into helping me. I thank you for your fast replies, and I am sorry for my slow ones.
     
  21. 2009/05/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You should be able to access the Acer recovery partition by pressing ALT+F10 at the Acer logo.
    This process will restore your computer to its original state.
    However, all personal data and programs you installed will be lost.
    If you want to back up some files, you can, but avoid backing up any files with the following extensions:
    EXE, SCR, ASP, HTM and PHP
    All others should be safe.
     
