Computer only starts in safe-mode

Discussion in 'Malware Help (A Specialist Will Reply)' started by GoldFishKilla, Oct 1, 2005.

  1. GoldFishKilla

    GoldFishKilla Private E-2

    I clicked on the AIM instant message that downloads the virus then sends out the links to everyone on the buddy list. After getting it I managed to run spy-bot, adware, and Symantec antivirus. I don't remember if I did it in safe mode or in the regular mode. But my problem now is that I've run the programs in safe-mode and they don't show anything on my computer, but when I turn on my computer it starts normally, goes to the Windows XP page, then flashes a blue page for about a second, then restarts. Then it goes to the page where I can select: Safe-mode, Safe-mode with network, Safe-mode with command prompt, restart with last known good configuration. So I was hoping that you guys could help me figure out how I can get it so that it will start up normally again. Thanks a lot for the help.
     
  2. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Please follow the steps below:

    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

    If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps below:

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc., and any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
  3. GoldFishKilla

    GoldFishKilla Private E-2

    I ran all of the scans, when I ran the online BitDefender scan it came up with TrojanDownloader.CZR and deleted it, and it found Win32.worm.Oscarbot.B and deleted it. CWShredder found VX2.look2me it removed it, and CWS.ms.config and removed it. The other scans didn’t find anything. And here is the hijackthis log.
     


  4. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Make sure you have done the following:
    How to view hidden, system files & folders!
    Searching for Hidden Files on WinXP

    In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:
    Choose Kill Process

    Now scan and have HJT Fix the following:
    REBOOT to Safe Mode

    Open Windows Explorer and navigate to C:\WINDOWS\System32 and DELETE windir32.exe.

    REBOOT to Normal Mode. Run HijackThis and Post a fresh log as an attachment.
     
  5. GoldFishKilla

    GoldFishKilla Private E-2

    When i do this step

    In HJT Choose Open the Misc Tools Section choose Process Manager

    I see:

    C:\WINDOWS\system32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsas.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\program Files\Internet Explorer\iexplore.exe
    C:\Spyware Tools\hijackthis\HijackThis.exe

    I don't see windir32.exe

    should i just proceed with the other steps?
     
  6. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    If it's not there then just proceed with the rest of the steps.
     
  7. GoldFishKilla

    GoldFishKilla Private E-2

    I went through the last step and fixed everything you told me to. Then restarted in safe-mode and searched for the file in the C:\WINDOWS\System32 folder but I couldn't find it. I ran a search for it and found this: WINDIR32.EXE.17f8AEA6.pf in C:\Windows\Preftech
    After that I tried to restart in normal mode and it still failed.
    And here's the newest hijackthis log.
     


  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I still see the below in your log:

    O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] windir32.exe

    Did you have HJT fix that line and did you find c:\windows\system32\windir32.exe and delete it?

    You should also do the below:
    Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
    On the page that opens, scroll down to CWShredder Service ... right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

    Next, run HJT, but instead of scanning, click on the 'None of the above, just start the program' button at the bottom of the choices. At the lower right, click on the 'Config' button, and then the 'Misc tools' button ... select 'Delete an NT Service' ... copy/paste the following into the box that opens, and press 'OK':

    CWShredder Service

    Now exit HJT and do not reboot if it asks you to do so. We will reboot later.
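
The O4 line quoted in the post above is a registry autorun entry. As an added example (not part of the original thread and not HijackThis code), the Python below parses O4 registry lines from a HijackThis-style log and flags entries like that one. The sample log is constructed apart from the line quoted in the thread, and the two triage rules are assumptions chosen for illustration.

```python
import re

# HijackThis O4 registry autorun line: "O4 - <hive>\..\<key>: [<value name>] <command>"
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\([^:]+): \[([^\]]*)\] (.+)$")

# Constructed sample log; only the RunServices line comes from the thread.
SAMPLE_LOG = r'''
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
'''

def parse_o4(log_text):
    """Return one dict per O4 registry autorun line in the log."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            hive, key, name, command = m.groups()
            entries.append({"hive": hive, "key": key, "name": name,
                            "command": command.strip()})
    return entries

def first_token(command):
    """Program part of the command: quoted path, or text up to the first space."""
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split()[0]

def triage(entry):
    """Reasons an entry deserves a closer look (heuristics, not verdicts)."""
    reasons = []
    if "\\" not in first_token(entry["command"]):
        reasons.append("bare filename, resolved through the search path")
    if entry["key"].lower() in ("runservices", "runservicesonce"):
        reasons.append("RunServices key, a Windows 9x mechanism, unusual on XP")
    return reasons

def flagged(log_text):
    """(value name, reasons) for every O4 entry with at least one reason."""
    return [(e["name"], r) for e in parse_o4(log_text) if (r := triage(e))]

if __name__ == "__main__":
    for name, reasons in flagged(SAMPLE_LOG):
        print(name, "->", "; ".join(reasons))
```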
     
  9. GoldFishKilla

    GoldFishKilla Private E-2

    Alright, I took care of: O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] windir32.exe

    I still can't find windir32.exe in the folder c:\windows\system32

    I disabled CWShredder and deleted it with hijack this. And did not reboot.
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay try rebooting now! See if normal boot mode will work.

    Either way, attach a new HJT log.
     
  11. GoldFishKilla

    GoldFishKilla Private E-2

    It didn't reboot normally but here's the new log.
     


  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your log is clean! Load the below file into notepad and copy and paste it into your next message.

    c:\boot.ini
     
  13. GoldFishKilla

    GoldFishKilla Private E-2

    Sorry about this, but what do you mean by "load the below file"?
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Do you know what notepad is and how to run it?

    If so, just run it and click File, Open and then browse to c:\boot.ini and select it.
     
  15. GoldFishKilla

    GoldFishKilla Private E-2

    Here it is, I think, and I must say I'm very impressed with how you're taking care of several people simultaneously.

    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
     
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! I stepped out for a bit (snack time).

    That looks okay. Are there any error messages at all? Do you get to the point where you see the user accounts screen?

    Do you have your bootable WinXP CD?
     
  17. GoldFishKilla

    GoldFishKilla Private E-2

    When the computer boots up it gets to the XP screen with the black background and the green dots that move across the screen under the XP symbol, before it reaches the accounts, and then it flashes a blue page with white writing on it real fast and then restarts at the motherboard's screen. I don't have my bootable WinXP CD, I'm at college and I'll have to go home to get it.
     
  18. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If it is not a WinXP SP2 disk it will not be of much use anymore since you are on SP2. Is it WinXP SP2?

    You may need to do a Windows repair or at a minimum a registry repair. Your problem does not seem to be malware. It may be better to work this problem in the Software Forum. You may need to run something like in the below:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;307545&sd=tech
     
  19. GoldFishKilla

    GoldFishKilla Private E-2

    It's from about a year and a half ago, so I don't think that it's a WinXP SP2 CD. I'll take a look at that thread and make a posting in the software section with a link to this thread. Thanks a lot for the help in getting all the help up till now, I really appreciate it.
     
  20. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. If Shadow_Puter_Dude was around tonight, he would have walked you thru all this too. If you post in the Software Forum, he may even pick up where this left off. But check out that link from Microsoft; it may become necessary to do that. Make sure you read the Summary and Warnings in that link too.
     
    Last edited: Oct 8, 2005
