Did all five steps, to no avail

Welcome to Major Geesk!

I'm sorry for the delay but you should have read the info you received in the email you were sent when you signed up. Also when you rean the READ & RUN RUN ME FIRST. Both of these gave you the below link to read:

Don't Bump! It Only Hurts You!!!

Your 2nd and 3rd messages cost you 3 to 4 days of additional delay by moving you back to the end of the queue each time.

What is your current status?

1. Can you boot in normal mode?
2. Can you boot in safe mode in any of the below modes?
   • safe mode with networking
   • safe mode without networking
   • safe mode with command prompt

You have a bunch more malware to remove but you need to be able to boot in order to remove it completely.

You logs show you had Windows problems in the past since I see C:\windows.new is where you have Windows installed now. It looks like this folder is from Aug 19, 2009. Did you just reinstall Windows and get it infected almost immediately?

Also did you or someone else change the Userinit registry entry to run Windows Explorer rather that userinit.exe on startup? What I saw was the below:

And it should be the following:

I will give you a fix to try below which you can run in either safe boot mode or normal boot mode if you can boot at all.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You need to attach the logs!

 

You were attaching the same old logs. You need to follow the instructions I gave to create a new log and then attach. I need new logs not the same ones that was previously attached. Also need the avenger.txt log

 

Ah that's different. You did not mention this previously. Now that you have I took a deeper look into your logs and I can see the Virut infection.

Sorry to give you the bad news but you will have to do a total clean reinstall.

Your logs show that your Windows Operating system files have become infected by the Virut infection and there is no known reliable fix for this. In addition there are probably many many other executable files infected Virut. We could spend a lot of time trying to remove this infection, but odds are that it will not work because the nature of the infection has so many executable system files infected that as soon as we fix one file, other files that are infected will almost immediately or upon the next reboot, just reinfect the files. In addition, your PC would still basically be unreliable/untrustworthy even if we manage to fix the infected files that we can see since there could be many more that we are not seeing.

The safest thing for you to do is backup your personal data immediately since your PC could possibly become unbootable at any point in time. Do not back up any executable files. This includes programs that you have downloaded since any of them could be infected. Anything you may have already backed up that is an executable type file (things you downloaded to install programs....etc) are most likely infected and will cause you to be reinfected if you reuse these files.

Once you backup, you need to format partitions and reinstall Windows and all other software especially your protection software. Then install all updates for all software. DO NOT reinstall from any executable file backups you made while this PC was infected or you will just be reinstalling the infection.

 

You're welcome. Make sure you work thru the below now:

• How to Protect yourself from malware!