|Anti-virus and Anti-malware programs may prevent the tools we need to use from fixing an infected system. Please disable (temporarily) any Anti-virus and Anti-malware programs you have running: right click the program's Taskbar icon, or access each program through Start - Programs to disable.|
Next, please download TDSSKiller from the following link:
Save it to the Desktop.
If you cannot download the file, the malware may be blocking the attempt. You need to download the file to a clean computer and then transfer it to the infected one using a USB flash drive, or external media (an external drive or a CD) .
Once the file is on the Desktop, right-click on the TDSSKiller.exe icon and select: Rename.
Name it a random name with a .com extension. For example: jaws.com
Now, double-click on the renamed file to launch it. If you receive a warning from Publisher: Kaspersky Lab asking if you want to run the file, click on the Run button to allow TDSSKiller to run.
When TDSSKiller starts, it displays the welcome screen.
Click on the Start Scan button.
When the scan finishes it displays a results screen stating whether or not the infection was found on your computer.
To remove the infection, click on the Continue button. If it does not say Cure on the results screen, leave it at the default action of Skip, and press the Continue button. Do not change to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.
When TDSSKiller finishes cleaning the infection, a report stating whether or not it was successful is shown.
If TDSSKiller requires a reboot to finish the cleaning process, click on: Reboot Now
Next, start the computer in Safe Mode with Networking by tapping the F8 key while it boots, and selecting this option
Maybe you will have better luck with Rkill if you do this:
Download one of these files: iExplore.exe or eXplorer.exe These files are renamed copies of RKill:
Save the file selected to the Desktop, and double-click on it. (For Vista/Windows 7, select: Run as Administrator)
Ignore any messages, and allow the file to run until the command window closes.
Without a reboot, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:
Double-click mbam-setup.exe and follow the prompts to install the program. (For Vista/Windows 7, select: Run as Administrator)
Run Malwarfebytes’ AntiMalware and update the program.
Once updated, select Perform Full Scan and click the scan button.
When the scan finishes, click OK in the message box, and you will see the results of the scan.
Click the Remove Selected button to get rid of the malware.
When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.
>>Please post the TDSSKiller and the Malwarebytes logs in your reply so we can see where we are at, and plan any additional removal strategy, if necessary.<<