Restart the computer and immediately start pressing the F8 key, once per second, till it loads a selection screen. Once there, use the up/down arrow keys to select "Last Known Good Configuration", then press the "Enter" key. Follow the prompts to let Windows select the last known good restore point and restart the computer.. If things start correctly, then follow the steps below to clean out the malware from your machine.. If the steps above don't allow you to start the computer correctly, then you'll need to use your recovery discs, or the recovery partition on your computer to wipe the hard drive, then reinstall everything back to its factory condition.
If you can download the tools below on your current computer, and get
them to work, then fine, but frequently the problem malware prevents the
programs from running correctly. If that's the case, then download ALL
of the tools below on a friend or family member's, CLEAN computer and
copy them to a CD or flash drive, then transfer them to the problem
machine and use them while in Safe Mode.
After transferring it to the problem machine, and after starting the computer in "Safe Mode with Networking", run the following tool to help allow the removal programs below to run. (courtesy of Grinler at
BleepingComputer.com) There are 3 different versions. If one of them
won't run then try to run the other one. Be patient.... as a black
window should open, then close after finding all the background
programs.Vista and Win7 users need to right click and choose Run as AdminYou only need to get one of them to run, not all of them.
IMMEDIATELY after running the "Rkill" tool above, run/install the Malwarebytes and
SuperAntispyware installer and update files from the links below which
you've also copied to a CD or flash drive, and transfered to the problem
machine. Do NOT restart the computer after running Rkill.Once
downloaded and before transferring Malwarebytes and SuperAntispyware to
the problem machine, rename the program installer "mbam-setup.exe" file
to something else like "Gogetum.exe", then copy the installer file and
the update file to a CD or flash drive.. Transfer the file to the
problem machine, then install the "Gogetum.exe" file, then run the
update to get the program current.. After that, run a full system scan
and delete anything it finds.
Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)
Malwarebytes Manual Updater link
Next, install and run a full system scan with the SuperAntispyware program
and the manual updater from the links below. As before, you may need to
rename the installer file to get the program to install.:
In a few situations, in order for the program to run, it was also
necessary to rename the main "mbam.exe" file also after installing it..
It resides in the C:\Programs Files\Malwarebytes Antimalware folder....
And after that, if everything's fine but you can't connect to the internet,
then follow the procedures below to check your network "proxy" settings
again.Open Internet Explorer and go to Tools-Internet
Options-Connection Tab. Click on the LAN settings button. IF there is a
check mark next to "Use a proxy server for your LAN", uncheck it. Click
OK. Then OK, again.
For the specific instructions by BleepingComputer, see the link below and note after following the steps above to clean out the primary infected files, download and run the "hosts-perm.bat" file to fix the HOSTS file permissions issue.:
Hope this helps.