Hi there gregsmit62!
I am
Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
- Whilst I´m helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
- Feel free to ask questions! Especially if my instructions are not clear. I´m here to help, not confuse you.
- I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
- Stick with me till the end. If your computer starts running better, doesn´t mean it is clean yet!
====================What do you mean - cannot access Windows. Bluescreens of death or windows halting or is it just that vista antivirus 2012 is not allowing you to run any program?
If this is the case, try this:
Please download
RKill by
Grinler from Download Mirror #1 and save it to your
desktop.
Download Mirror #1 (rkill.exe)Download Mirror #2 (rkill.scr)Download Mirror #3 (rkill.com)Download Mirror #4 (WiNlOgOn.exe)Download Mirror #5 (uSeRiNiT.exe)Download Mirror #6 (iExplore.exe)Download Mirror #7 (eXplorer.exe)- Double click the RKill desktop icon (rightclick > Run as Administrator for Vista/WIN7).
- A black screen will briefly flash indicating a successful run.
- If this does not occur please delete that application and try using Mirror #2
- Continue process until the tool runs.
- Important: RKill only temporarily disables the malware. If you reboot the computer, it will be active again. So do not reboot until we kill the infection.
====================Please download
OTL by
OldTimer from
here and save it to your
desktop.
- Close all windows and double click OTL.exe.
- The Extra Registry setting should be Use Safelist
- Copy and paste the following text into the Custom Scans/Fixes box:
Code:
%APPDATA%\Microsoft\*.*
%systemroot%\system32\config\systemprofile\*.dat /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\winn32\*.*
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\TinyProxy.
%systemroot%\system32\*.* /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.* /lockedfiles
%PROGRAMFILES%\*.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
netlogon.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
disk.sys
explorer.exe
userinit.exe
winlogon.exe
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
- Click the Run Scan button and allow it to run.
- It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
- You may need multiple posts to get it all.