Help I think malware has infected my computer!!!!
Thread Solved
Join Date: Aug 2008
Posts: 10
Reputation:
Solved Threads: 0
Hi all!
Two days ago, as I was downloading a subtitle for a movie, my desktop suddenly changed and an advert saying that my computer had been infected popped up and became my new desktop background. I tried to change the background, yet there was no place to click. My web searching gave me many options and finally I managed to successfully solve the problems. Then came a new problem! I cannot access www.symantec.com, Windows Update, many antivirus plus online virus scanners. Even some websites where I could get help could not be accessed. I downloaded spydoctor yet couldn't update it. I worked around it by using Google's pack. I have used fixwaresout.exe, HijackThis, regcure (it keeps opening every time I start my computer), and cleaned the HOST file, and there was nothing in the log except this: "127.0.0.1 localhost". Even the HijackThis log could not open in Notepad (seems to be malfunctioning too) but only with WordPad. Initially Norton 360 was launching at startup, yet it isn't launching in any way. I have followed a number, if not tens, of solutions, yet I still cannot access antivirus/spyware/malware etc. related sites or even forums. It was by sheer luck that this website opened. I shuffled the DNS, yet the problem persists. I checked with the Rootkit Revealer and failed to reach a solution. I tried launching anchorfree hotshield, same story: couldn't. Before this I could. I really do not want to re-install XP because there are too many valuable things in my computer. System Restore doesn't work. It says on, but when I want to back up my data, there is a prompt which requires me to turn on System Restore, yet the computer shows it's on. I am very confused as of now. Please help!
Can you try the steps HERE?
Especially the Malwarebytes program. Have it fix everything found.
Ignore the DSS scanner program in that sticky for now; it is not available.
See if you can get us a scan with HijackThis too.
Join Date: Aug 2008
Posts: 10
Reputation:
Solved Threads: 0
Thanks for a quick prompt.
I have tried the suggestions in the read before posting:
System Restore, as I said before, has a problem. Sometimes, only sometimes, it works in safe mode.
ATF-Cleaner cannot be accessed.
Microsoft malicious removal tool: can be accessed to the downloading part and then stops. Tried the other link: not able to access.
Option 9 for the online scanning: all of them cannot be accessed!
I have been trying to post the HJT log with no success. I will keep on trying.
When you say ATF-Cleaner cannot be accessed do you mean you cannot download it or you have downloaded it but cannot run it?
If nothing else try the built-in disk clean up program on the computer. If you can't do that either don't worry about it.
A key program would be the Malwarebytes program. Have you been able to download and install it?
The main thing is do what you can.
What is happening when you are trying to post the HJT log?
Post the malwarebytes log as soon as it is complete. Be sure to have it fix what it finds.
After that I want you to download ComboFix
Click on the Save button and then when it asks you where to save it, make sure you save it directly to your Windows Desktop
Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
Double Click the Combofix icon on the desktop.
Please note that once you start ComboFix you should not click anywhere on the ComboFix window, as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all and just take a break, as it may take a while for it to complete.
Windows may issue a prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.
When the program begins to run you will be offered a disclaimer. To agree to run the program you must press 1. Please do so.
Then ComboFix will create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then back up your Windows Registry.
Once the Windows Registry has finished being backed up, ComboFix will disconnect your computer from the Internet. Therefore, do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet as your connection will be completely restored at a later stage in the program.
ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to what they were previously. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan.
When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and tells you the program's log file, or report, will be located at C:\ComboFix.txt.
When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
Post back here with that log.
NOTE* Do NOT TOUCH the computer while Combofix is running as this could cause the program to stall or fail.
Join Date: Aug 2008
Posts: 10
Reputation:
Solved Threads: 0
Wow! Thanks a lot! After using Malwarebytes my computer got 95% fixed! I mean all those websites I couldn't access I can now access. The only issue left is the Norton 360 launch and System Restore malfunctions. I am going to send some logs (ah! Notepad now works fine and I think I can copy and paste with no problem!). Thank you so much!
After sending those logs I will start with the ComboFix.
Join Date: Aug 2008
Posts: 10
Reputation:
Solved Threads: 0
malwarebytes log:
Malwarebytes' Anti-Malware 1.25
Database version: 1092
Windows 5.1.2600 Service Pack 2
10:44:19 AM 8/29/2008
mbam-log-08-29-2008 (10-44-19).txt
Scan type: Full Scan (C:\|E:\|)
Objects scanned: 142580
Time elapsed: 44 minute(s), 27 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 9
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\User\Desktop\all in\Unused Desktop Shortcuts\WinRar_v3.51_Crack_by_Bokiv\WinRar_v3.51_Crack_by_Bokiv.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.
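An added example, not part of the original thread: a small Python parser for the Malwarebytes log layout posted above, which lists the detections that were only marked "Delete on reboot" so it is clear what has to be re-checked after restarting. The sample input is constructed from a few lines of that log, and all function names are hypothetical.

```python
import re

# Constructed sample: a few lines copied from the log above, same layout.
SAMPLE_LOG = r"""Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.
"""

# Section header, e.g. "Files Infected:" (the "Files Infected: 9" summary
# lines do not match because something follows the colon).
SECTION = re.compile(r"^(?P<name>[A-Za-z ]+) Infected:\s*$")
# object, (Detection.Name), optional "Bad: (..) Good: (..)" part, final action
ITEM = re.compile(
    r"^(?P<obj>.+?) \((?P<det>[A-Za-z]+(?:\.[A-Za-z]+)+)\) -> "
    r"(?:.* -> )?(?P<action>[^>]+?)\.?\s*$"
)

def parse_mbam_log(text):
    """Return one dict per detection: section, object, detection, action."""
    items, section = [], None
    for line in text.splitlines():
        line = line.strip()
        header = SECTION.match(line)
        if header:
            section = header.group("name")
            continue
        hit = ITEM.match(line)
        if hit and section:
            items.append({"section": section, "object": hit.group("obj"),
                          "detection": hit.group("det"),
                          "action": hit.group("action")})
    return items

def pending_reboot(items):
    """Objects the scanner could not remove while Windows was running."""
    return [i["object"] for i in items
            if i["action"].lower() == "delete on reboot"]

def pending_drivers(items):
    """Pending objects that are kernel drivers (.sys): until the reboot has
    happened and a rescan comes back clean, the cleanup is not finished."""
    return [o for o in pending_reboot(items) if o.lower().endswith(".sys")]

if __name__ == "__main__":
    found = parse_mbam_log(SAMPLE_LOG)
    print(len(found), "detections;", len(pending_reboot(found)), "pending reboot")
    for path in pending_drivers(found):
        print("driver still on disk until reboot:", path)
```

Run against the full log above, the pending list is the two DLLs and the `tdssserv.sys` driver; a second scan after the reboot should show none of them.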






