dangerous to myself and my system

Hello ladies and gents of MAJORGEEKS,
I finally did it. I joined in desperation. I downloaded and clicked install instead of delete on program that had a nasty in it. It has chewwed through my system so it won't even boot my Windows XP sp3. it will boot live linux cd though. it was a trojan that I thought I got rid of and I even deleted all files I could find for that date and checked regedit. so here are the specs in hardware. intel core2quad6600; abit fatality fp-in9; 2 maxtor sata 160gb drives(no raid setup); 2 2gb ddr2 patriot memory @pc6400; 2evga geforce 7600gs w/256mb in sli; and 2 samsung dvd-rw's
software of importance windows xp home w/sp 3 ,AVG antivirus(although I tried several other free ones from zdnet when things started to go south on this system),nvidia firewall,spybotsearch and destroy, a couple other things one like HJT and a taskman re enabler(trojan wasnt letting me acces it or my C drive in MY COMPUTER or regedit after awhile).
It took out my profile and admin as well as several other profiles and it was redirecting web traffic to other pages so i'm usung old laptop to send this.
I know it may be asking much,but I really need some documents and access to a couple of other things, so if there' s a way to do that before we reach formatting I would appreciate the help. thanks in advance.

 

I have tried all options after using F8 key (safe,safe w/network,safe w/cmd prompt). a couple of times I got as far as start of safemode screen (safe mode in corners but screen is black) mouse pointer moves (no icons) and keyboard disabled(no Num lock even though enabled it in bios). usually hang there, HD light will flicker every 1-2 seconds. if it doesnt get that far it gives list of system32\drivers and hangs at windows\system32\drivers\Mup.sys. Is there another way to safe mode??

 

no safe mode at all and no normal modes

 

I am in safe mode thanks to you and system restore... had to do a lot of repair in system32 to get there. before I proceed to kill all malware I need to know if I should get back deleted admin profiles so I can get my lost files(documents andsettings) and is there an easy way to undelete them enmasse? the files appear to be there (I managed to install Restoration version 2.5.14).

 

I have tried to go through the read and runme 1st. windows installer says unable to install SAS.exe. ( tried it in safe mode as admin. and says"the system administrator has set policies to prevent this installation"). ran all others... do you want logs or wait 'til you help me run SAS??

 

Iam trying to send logs but keep getting popup (even after disabling blocker)
Thoughts???

 

Sorry , I mis-typed. let me clarify... when trying to attach logs I hit manage attachment then brouse. I get a message (apparently from popup blocker) that popup has been blocked(yada yada). I checked settings and turned off popup blocker(checked settings and it has line asking if I want to turn popup blocker on). is there another way to get the logs to you (Idon't think you want a cut/paste from possible infected system)

 

sorry again Ihavent gotten much sleep trying to fix this( i should have finished reading last part of your post). files will not attach on affected or backup(laptop) systems. files appear to upload(flashing lights on router for that connection) the I get message from majorgeek site: Your submission could not be processed because a security token was missing.

If this occurred unexpectedly, please inform the administrator and describe the action you performed before you received this error.
I assume you have admin. priv. and can explain/fix/help
all I was doing was uploading logs and mgtoolszip

 

same message when using firefox(and apears to upload as well)

 

here is hijackthis.log

 

here is combofix.txt

 

not sure what you need from mglogs.zip so here it is(all)

*****************************************************************************

Sorry this is so long and thanks for the patience BTW windows installer not working (maybe why I cant install SAS.exe)

 

Got them.....
___________________________________________

 

registry modification a success:-D