Help!!!

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions. If something does not run, write down the info to explain to us later but keep on going. Do not assume that because one step does not work that they all will not.

READ & RUN ME FIRST. Malware Removal Guide


Note: If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

 

Assuming that it didn't corrupt your registry...you can try doing a system restore if you have the xp cd. You will need that no matter which way we try to go.

Do you have the cd?

Code:

Here is the 12-step process:

      1. Boot the Recovery Console from the Windows XP installation CD.

      2. When you're at the Recovery Console command prompt, change into the root directory of the system drive with the cd command (i.e., cd \).

      3. Change into the System Volume Information directory by typing cd system~1 on most machines, or cd "System Volume Information."

      (The filenames with ~1 are generated by default to provide backwards compatibility with programs that only recognize 8.3-format filenames. It's possible to disable 8.3 filename generation on NTFS volumes to gain some speed, but the speed gained by doing this is generally pretty small and it can have the unintended consequence of making it impossible to use 8.3 filenames in contexts like this. If you can't use 8.3 filenames to navigate, 8.3 name generation might be disabled. See Microsoft's support document called How to Disable the 8.3 Name Creation on NTFS Partitions.

      4. The System Volume Information directory contains a folder name _restore followed by a GUID in curly braces. Change into it by typing cd _resto~1; if that doesn't work you'll have to type cd "_restore{GUID_STRING}", with the full GUID string in place of GUID_STRING.

      5. In the _restore directory are a group of subdirectories starting with the letters RP and followed by a number. These are the different restore points available for that volume.

      6. Check the date on each directory and look for one that corresponds to a date before you began experiencing problems.

      7. Change into the appropriate directory. If the directory is named RP74, for instance, change into it by typing RP74.

      8. Inside that directory will be a subdirectory named snapshot; change into that directory as well (cd snapshot)

      9. The snapshot directory holds backup copies of the SOFTWARE and SYSTEM Registry hives, named _REGISTRY_MACHINE_SOFTWARE and _REGISTRY_MACHINE_SYSTEM, respectively.

      10. The target directory for these files is \Windows\System32\Config, and the hives there are named SOFTWARE and SYSTEM. Rather than overwrite those files entirely, you can rename them to something else. Typing ren \windows\system32\config\software \windows\system32\config\software.bak and ren \windows\system32\config\system \windows\system32\config\system.bak will rename them to software.bak and system.bak, respectively.

      11. Copy in the backup hives: copy _REGISTRY_MACHINE_SOFTWARE \windows\system32\config\software and copy _REGISTRY_MACHINE_SYSTEM \windows\system32\config\system.

      12. Type exit to leave the Recovery Console and restart the computer.