Malware Causing Windows to be Unactivated?

Please go back to step 2 of the READ & RUN ME and do it properly. Then continue on to the below.


Run this Virtumonde aka Trojan Vundo Removal and do not attach the requested log right away. Run it multiple times until it comes up clean and then attach the final log.



Now attach the below new logs.

1. GetRunKey
2. ShowNew
3. HJT

 

There are multiple options to set there. You still did not do them. You did not enable viewing of system files nor did you unselect hiding of extentions for know file types. You need to do this or you will not be able to find the files I will list further down that you need to delete.

Probably it is. You may have to get it re-validated. This however is not a topic for this forum especially since your copy of windows may not be legit. I see this installed: Activation Remover



Run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O2 - BHO: (no name) - {748E6C81-DC7D-4974-BE84-016C7A71A0D2} - C:\WINDOWS\system32\rqrrsrq.dll (file missing)
O2 - BHO: (no name) - {7EE56B2F-E64B-440D-B527-E05DBC5715F5} - C:\WINDOWS\system32\sstqn.dll (file missing)
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
After clicking Fix, exit HJT.

Now reboot in normal mode
Now Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now run Windows Explorer and use it to delete the below files:
C:\WINDOWS\system32\antiwpa.dll
C:\WINDOWS\system32\nqtss.bak1
C:\WINDOWS\system32\nqtss.bak2
C:\WINDOWS\system32\bpqmuouo.ini
C:\WINDOWS\system32\nqtss.ini
C:\WINDOWS\system32\ysslenbj.ini

Now run Ccleaner.
Now attach the below new logs and tell me how the above steps went.

1. GetRunKey
2. ShowNew
3. HJT

Make sure you tell me how things are working now!