I'll try to be as detailed as possible and break down my post into two sections to explain the problem:
Yesterday my computer was infected with the MS Antivirus Virus. I discovered the problem after I came home from work, all the popups "Warning you have a virus" crap and the little red "X" virus warning near the clock. The whole 9 yards. I traced it back to a video played from some Polish site by a family member earlier in the day...
. If they had to clean this crap up it'd sure fix the yearning to muck about on shady sites.
WHAT I HAVE DONE SO FAR:
1. I ran an AVG scan. Removed the suggested files. When I rebooted the problem still existed.
2. Ran Superantispyware. Found a couple threats, possibly unrelated. Rebooted, problem still existed.
3. Traced down the time stamp of one of the infected files found in AVG and did a manual search for all files created at that exact minute. I found about 4 more suspect files mostly numbered .exe files (4179.exe, 19473.exe, etc). I deleted those files. Also, this is where I discovered the Polish site connection in a cookie, not that it really mattered other than to trace the virus to the guilty family member's actions.
4. I read a forum post mentioning Malwarebytes, so I downloaded it and ran a scan. Rebooted. This program smoked out many symptoms of the virus (ie the red "X" near the clock, certain popups). In fact, I was certain the virus was gone. Then 5 minutes later I had a popup. I suppose each .exe was responsible for a specific popup, because it was now only the same one again and again. I went to task manager to see what process called it up: userinit.exe. My earlier manual search (from step 3) did reveal that my userinit.exe was among those files created/modified at the same time stamp the virus hit. But I read that this was a necessary system file so I didn't delete it at that time.
5. I ran Malwarebytes again, and viola, Trojan agent at C:\winnt\system32\userinit.exe
6. Hit the sack in frustration...
That is where I am at now. Infected system files are new territory for me in my virus fighting battles. I don't want to crash my system with my usual method of trial and error I employ when the stakes are not so high.
So what is the best angle to approach cleaning up my userinit.exe?