Unable to enter "safe mode"

Discussion in 'Malware Help (A Specialist Will Reply)' started by Galbraith, Feb 6, 2006.

  1. Galbraith

    Galbraith Private E-2

    I have a problem with garbage that I found with Spybot - Search and Destroy, but I am unable to delete. Zone Alarm is also notifying me about "head24.exe" attempting to access the internet and I have something hijacking my browser.

    However, before asking for help, I have gone as far as I can with your beginning recommendations: "Run and Read me first" http://forums.majorgeeks.com/showthread.php?t=35407

    Step 0: Nothing odd found with Add/Remove on the control panel
    Step 1: Read it, didn't disable System Restore.
    Step 2: Viewing is enabled for all hidden files
    Step 3: I'm only using AVG antivirus
    Step 4: All tools downloaded, updated, and ready per instructions.
    Step 5: **Problem** I'm unable to enter "safe mode". I go to the msconfig and there is no BOOT.INI tab. Pressing F8 during startup sequence does nothing. I'm not sure how to correctly proceed from here.

    When I was at the msconfig on the "General" tab I selected "Diagnostic Startup", however it gave a pop-up message that I didn't have sufficient authority. I confirmed that I do have Administrator access. I restarted the computer, ran through all steps listed in Step 6 of your troubleshooting guide, but I was unable to reconnect to the internet. (AVG did find some viruses, Spybot did find problems with my registry and said it deleted them.) I went back to msconfig and reselected "Normal Startup". Same browser hijacking, head24.exe is still trying to access the internet. I opened the registry editor and confirmed that the files Spybot found were not removed. They are:

    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SECURITYCENTER\UPDATES\AntivirusDisableNotify
    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SECURITYCENTER\UPDATES\AntivirusOverride
    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SECURITYCENTER\UPDATES\FirewallDisableNotify
    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SECURITYCENTER\UPDATES\FirewallOverride
    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SECURITYCENTER\UPDATES\UpdatesDisableNotify

    Any suggestions would be greatly appreciated.
     
  2. PhilliePhan

    PhilliePhan Guest

    If you are unable to do the steps in Safe Mode, then do them in Normal Windows boot.

    Then, please attach the requested logs.

    Also, please go here: http://virusscan.jotti.org/ and use the Browse Button at the top of the page to navigate to head24.exe (likely in System32 folder) and Upload it for analysis. Please submit the results along with the requested logs from the Read & Run when you post back and I'm sure somebody will be along to assist you in a timely manner.

    Best Luck :)
    PP
     
  3. Galbraith

    Galbraith Private E-2

    Thanks, PhilliePhan.

    I'm unable to locate "head24.exe" on either drive. I did find 4 dat files (gimmygames1, winsysupd51, drsmartload2 and myupdates1) that had supposedly been identified and removed by Spybot S&D. I attempted to scan them at http://virusscan.jotti.org and in each case the response was "The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file".

    I started over with Read&Run; BitDefender Online Scanner is running right now. I'll update with all information in another post.
     
