Need help with preliminary clean-up steps.. thanks in advance!

I recently realized my system was infected when World of Warcraft began to lock up with crashes and over the course of an afternoon ceased to start up at all. I have many anti-spyware programs installed that revealed next to nothing about the problem, so I decided to uninstall them and follow your list of instructions (prior to posting a hijack log) to the letter.

I created a new folder in my C: drive entitled AntiSpyware and downloaded all the recommended to that folder as suggested, but the installation files seem to have been corrupted during the download. It is difficult for me to download anything, in fact, that is not corrupted upon completion. Further, the errors related to Warcraft mentioned the game files being corrupted.

I need to know what kind of virus I'm dealing with and how to get by the corrupted download issue. Otherwise I don't think I'll be able to get the tools I need to fix the problem. Thanks in advance for any response.

 

I booted up in Safe Mode w/ Networking and downloaded all the programs to my AntiSpyware folder. I installed them and still experienced some problems.

AdAware scanned and found nothing malignant save for a single tracking cookie.

CCleaner experienced "runtime error '0'" when I tried to run it; wouldn't work.

When I ran Spybot, it displayed the following message on startup: "This application has been changed since it was created. Since Spybot does not change itself, we recommend you check your system for malware and viruses immediately." The scan showed nothing malignant.

AVG Free found no viruses but showed a "Reading Error" on drive C:/.

Online scanners did not seem to be working.

 

Edit by chaslang: Inline log attached

 

No discernible disturbances during the scan. Ran it in normal mode.

 

I apologize for the mistake. Here is my log file, with all items activated on startup.

 

Also, I realized right after I made the new log that the instructions specificied to boot up in NORMAL mode, and I had started up in selective mode again, only w/ all startup items activated.

When I attempted to boot up in normal mode to make yet another new log, windows was completely locked up. My desktop background appeared but the tool bar never showed up. What I can only describe as green and purple streaks covered most of the screen, and Windows would not properly load. I am in Safe Mode now and will restart in selective startup mode which seemed to be at least somewhat workable before.

 

The first log I posted represents the way I normally use Windows, which is in Selective Startup with all startup items disabled. I don't know when I started booting up this way regularly, must have been at least a year ago when someone showed me I could stop annoying programs from running in the background that way.

The second log shows selective startup with all the startup items allowed to run. As for the stuff under SYSTEM.INI, BOOT.INI, and Services, all of it was checked both times and I guess that's the way my Windows normally is configured all the time. There is a whole slew of stuff under Services and I don't know what most of it does.

As for what I'm experiencing when I try to start up normally... Any idea what that could be?

 

Well, in any case, I cannot start up normally. As I described, Windows is completely FUBARed when I try now, and this is very discouraging. I didn't know my laptop had such serious problems, and this all comes after pouring $400 into repairs and maintenance three months ago.

The technician I paid said he took the files off my laptop, cleaned them, replaced my hard drive, and then restored the files. Everyone I talk to, though, says my problems look hard drive related. Does this make any sense?

Also: How do you remove items from the registry?

 

I am completely certain that all of the startup items were checked on that log. Under Services, when all Microsoft products are disabled, this is the list that remains:

(Manufacturer in parenthesis)

Ati HotKey Poller (Unknown)
AVG7 Alert Manager Server (GRISOFT)
AVG7 Update Service (GRISOFT)
InstallDriver Table Manager (Unknown)
iPodService (Apple Computer, Inc.)
SmartLinkService (Smart Link)

Think fixing some of the garbage on the Hijack log will allow me to start up normally again? Until then I'm on a laptop I borrowed from the Flintstones.

 

Here is the txt file. Thank you by the way, for all your help so far. I appreciate it.

 

Until you pointed it out to me, I didn't realize running in selective startup was just masking a problem that could've been fixed directly, so I always ran it that way before. Yes, I am now in Normal Startup (safe mode style).

The same normal startup that glitches my screen when I'm not in safe mode.

 

A successful bootup was not possible in any of those configurations. Even with all four options unchecked, the screen glitched when my desktop came up. :X

 

When my computer was running well, for all intents and purposes, I was starting up in Selective Startup with everything under the startup tab disabled.

Now even when I try to startup that way, it glitches.

I can say this: when my computer came back from the shop there were only two or three items under the startup tab, and now there are a ton. Originally I only remember AIM and Quicktime being there and I disabled them so they wouldn't start up automatically or run in the background every time I turned on the computer. As the list accumulated, I kept disabling everything cause I didn't know which item did what.

Something or many things in there have to be bad news cause now it looks like I can only boot up in safe mode.

 

And yes, the original BOOT.ini was selected. The other option is greyed out for me anyway.

 

The way that used to work does not work anymore.

The first time I ever experienced that weird glitch on my screen was the time you told me I was running in Selective Startup and asked me to restart in Normal mode. I did it, and the screen glitched. I booted up in Safe Mode at that point and opened up msconfig to try to reboot back into Selective Startup the way I usually had until that point, and it glitched anyway. It glitches every time now.

Doesn't make sense to me either. And I'm getting sick of the word "glitch".

 

No and No.

I do know that the programs on the startup tab launch, because when I startup my infected laptop in normal mode, I get that message from AIM on my backup computer telling me I have my screen name signed on at two computers at once. The UI is locked up though, nothing appears on my screen except the desktop background and the mess of purple and green lines streaking across the screen.