Major virus issue, can't get beyond log in screen

[uberT]

My daughter's R60e has been hit real bad by a virus (Internet Security 2010) and multiple trojan horses. I've been working on it with multiple anti-virus scrubbers, etc. I've manually deleted the suggested keys from the registry. Problem is, this virus attack has been extraordinarly resistent to removing it and correcting things. It's disabled regedit, the ability to boot to Safe Mode and more. I thought I was at the point of having things corrected, but it's left me one final surprise. Whenever I logging in at the Windows screen with the password, I get the normal desktop for only a fraction of a second and then the machine logs off all on its own. I cannot log in as a guest either. I cannot get into Safe Mode, it cleverly produces the BSOD every time. At this moment, the machine's net worth is pretty low. I'd appreciate any suggestions apart from re-formatting as I've got many hours into this now. Thanks.

[uberT]

I can still run Rescue & Recovery.

I'm running BartPE right now to see if I can check a registry entry.

[RealBlackStuff]

Take the HD out and put it in a USB enclosure, or get an adapter like this Apricorn:
http://www.newegg.com/Product/Product.a ... -_-Product
Then connect to another PC or laptop, and do the viruscheck from there.
Get Malwarebytes and/or Superantispyware (free on the web) and install/update those first in that other machine.

[uberT]

RBS, thanks. I elected to cut my losses and ended up re-formatting mid-day. I was so close to having it resolved, yet so far away I believe I got all the trojans and the program removed, yet something caused a problem as I finalized my last scan. Truly disappointing when I thought I was home-free.

I found many other comments on the identical problem I was having, yet the fixes did not work on this machine. I used BartPE to grab critical data from the machine and parked that on a standalone hard drive. I'm at the point where I'm performing hundreds of updates on the machine now. This process takes forever.

I've scanned the re-formatted machine, it appears w/o viruses. I scanned the hard drive where the data is parked and it found one instance and took care of it.

I've dealt with a few minor infections in the past...nothing could compare to this. It was very well-done and disabled Malwarebytes and my anti-virus program. Pretty amazing. It also disabled Ctrl-Alt-Del and, as noted, I could not boot to safe mode. These people put a lot of effort into this little problem. We're not certain how it go onto the machine, but I was hit by it last week and immediately terminated my internet connection and did a System Restore. That was successful on that machine, the System Restore strategy did not work on this R60e.

I've since installed the SuperAntiSpyware program on my other machines.

[harvester]

Rescue and reformatting is the safest solution as well as the quickest in most cases (and if one always prepares for it).

I download all I can offline and burn to DVD, which I then have available for rapid updates.

http://www.windowsupdatesdownloader.com/Default.aspx

http://www.wsusoffline.net/

Making an image backup to restore computers that are often hit with is a good idea.

http://download.cnet.com/DriveImage-XML ... 43230.html

can also run from a PE live CD.

http://www.tipsfor.us/ghost-windows-xp- ... eparation/