[*]Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
[*]Select Repair your computer.
[*]Select Language and click Next
[*]Enter password (if necessary) and click OK, you should now see the screen below …
[*]Select the Command Prompt option.
[*]A command window will open.
[*]Type notepad then hit Enter.
[]Notepad will open.
[list]
[*]Click File > Open then select Computer.
[*]Note down the drive letter for your USB Drive.
[]Close Notepad.[/list]
[*]Back in the command window …
[*]Type e:/frst.exe
(or type e:/frst64.exeIf you download the FRST for 64-bit windows) and hit Enter
(where e: is replaced by the drive letter for your USB drive)
[*]FRST will start to run.
[list]
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]When finished scanning it will make a log FRST.txt on the flash drive.[/list]
[*]Next
[*]Type explorer.exe;winlogon.exe into the Search: field in FRST then click the Search File(s) button.
[*]FRST will search your computer for files and when finished it will produce a log Search.txt on the flash drive.
[*]Exit FRST.
[*]Close the command window.
[*]Boot back into normal mode and post me the FRST.txt and Search.txt logs please.
Adid, this malware is extremely agrressive. In order to remove it you need to follow his directions. That is the quickest way. The other longer way is you boot into Safe Mode w/ Command Prompt and start modifying Reg Keys, which is extremely dangerous to be doing. Please follow his directions.
Type explorer.exe;winlogon.exe into the Search: field in FRST then click the Search File(s) button.
FRST will search your computer for files and when finished it will produce a log Search.txt on the flash drive.
Exit FRST.
Close the command window.
Boot back into normal mode and post me the FRST.txt and Search.txt logs please.