Can't run ANY programs even in safe mode

I have been through the read 'n run list and unfortunately I cannot run any of the programs or provide logs, for the reasons I am about to state.


I've been having issues with some kind of browser hijacker I can't seem to get rid of. Yesterday it downloaded what is apparently the mother of all viruses- it immediately restarted my computer, whereupon I could not run ANY programs at all. I tried restarting in safe mode and in safe mode w networking- no dice. I tried system restore- appeared to work, but the virus was still there. (In retrospect I realize this was a bad idea, I didn't realize at the time that the virus may have screwed up my restore points.)

I cannot run any programs, either from the hard drive or from a usb flash drive. When I try, the process comes up briefly in task manager, and then it's almost immediately killed. Either "svchost. exe *32 (winrscmde in the description column)" or the windows error manager pops up before the process is killed, not sure if that's connected.

When I boot into safe mode, the following processes are running: csrss.exe, ctfmon.exe, explorer.exe, lsass.exe, lsm.exe, services.exe, smss.exe, about six copies of svchost.exe, system, system idle process, taskmgr.exe, wininit.lexe, winlogon.exe

At one point I was miraculously able to get firefox open in safe mode with networking, I was able to download avg and to run malwarebytes- it detected the svchost trojan and deleted it, but when I restarted the computer again (big mistake) the whole mess was just the same.

I strongly suspect a rootkit but I have no idea how to go about fixing this, since I can't run any programs at all, even in safe mode. I downloaded avg's boot disc (the usb version) but I'm not sure what to do with it, I just have the rar sitting on my usb drive- the computer I am using now doesn't have a program that can open rar, and it's a networked pc where I don't have admin privileges so I can't install a program to extract the rar. I did not make a recovery disc when I got this laptop. I currently have internet access through a work computer- I can use it to download programs to my usb drive and transfer them to the infected laptop.

I would greatly appreciate any help you can give me.

 

I am running Windows 7. I was running Malwarebytes and Adaware, but not antivirus- I downloaded AVG at the one point during infection where the virus let me run files in safe mode, but I didn't get to do anything with it. That was my first big mistake- second was not putting the hours into rooting out the persistent browser hijacker that kept directing me to pages that would sometimes download more malware.

Having read about an extremely similar problem which turned out to be a corrupted MBR, that's what I now suspect- a rootkit that dug in deep enough to damage the MBR.

I actually got desperate enough last night to pursue the nuclear option- got myself into system recovery during the boot and set my computer all the way back to factory settings. This seems to have worked. On restart I was able to open programs normally and the first thing I downloaded was AVG free- AVG said I was clean, so I ran the rootkit tool, which was reporting an irp hook in atapi. Malwarebytes reported svchost infection. Knowing that AVG can sometimes give false positives for rootkits, I downloaded TDSSkiller, which told me that I was infected with pihar. After I cleaned and restarted, AVG rootkit and Malwarebytes both came back clean.

I believe I am now malware-free. If you have any further advice about any checks/scans I should run to make sure, I'd appreciate the advice. But otherwise I thank you for your time, and I believe we can consider the problem solved.