UKASH for 3rd time

This is a longshot, but, at this stage, if it works...

With the computer/laptop powered off, turn on the machine. Wait for the Windows logo to appear, and immediately shut down pressing the power button. Don't let go of the power button until the laptop is off.

Turn the machine back on. Hopefully, a message appears telling you Windows failed to start properly.
Answer Yes if it asks whether you want to attempt to fix the problem.

Wait a few minutes, and Windows should ask if you want to return to a previous Restore point. Answer Yes.

Wait a while for the restore to complete. With any luck, Windows will reboot to your normal Desktop.

If it does...

Right after, please Malwarebytes Anti-Malware Download
Save to the Desktop
Double-click the downloaded MBAM file to run it.

When the installation begins, follow the prompts in the setup process.
DO NOT make any changes to default settings, and when the program has finished installing, make sure only the following options are checked:
>Update Malwarebytes’ Anti-Malware
>Launch Malwarebytes’ Anti-Malware
Uncheck:
>Enable free trial of Malwarebytes Anti-Malware PRO

Click on the Finish button.

If an update is found, the program automatically updates itself.
At the program console, on the Scanner tab, and select: Perform Quick Scan

Next, click on the Scan button.

When the Malwarebytes scan is completed, click on: Show Results

When presented with a screen showing the malware detected, make sure everything is Checked, and click on: Remove Selected

When removal is completed, a report opens in Notepad.
Please copy/paste the entire contents of the MBAM report in your reply.

Note: If MBAM encounters a file that is difficult to remove, you are asked to reboot the computer so MBAM can proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) prevents MBAM from removing all the malware.


If no luck with the above, then, do the following:

Please plug a USB flash drive into a clean computer.
Go to Start > Computer
Double-click Computer, and select the flash drive.
Right-click and select: Format
Press Start on the Format prompt.
Remove when done.

You may want to print these instructions so you can have access to follow
Also, you may want to read them once before you apply them.

Go to the Farbar Recovery Scan Tool Download
Select the download that applies to the infected system.
Save the program to the >> USB flash drive.

Next, plug the flash drive into the problem computer.

Start the computer.

As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Boot Options menu appears.
Use the arrow keys to select the Repair your computer menu item.
Select your language settings, and click: Next
Select your User account and click: OK (If you did not set a password, leave blank.)

On the System Recovery Options menu you get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Scan your computer's memory for errors
Command Prompt

Select: Command Prompt

In the Command window, at the blinking cursor type notepad and press: Enter
In Notepad, under the File menu select: Open
Double-click Computer, find the flash drive letter, remember what letter it is, click on it, and press: Open
Close out of Notepad.

Click the Command Prompt window
Type x:\frst64.exe, and press: Enter
Note: Replace the drive letter x with the drive letter of your flash drive!

The tool starts and prepares to run. Follow the prompts.
Click Yes to the disclaimer.
Press: Scan

When done, the program saves the FRST.txt report, on the flash drive.

Close Notepad, then, click the Command Prompt window, and type exit, and press: Enter

Back at the System Recovery Options, press: ShutDown

Remove the USB flash drive from the infected computer, and plug it into the good computer.

Please provide the FRST.txt report, located on the USB flash drive, in your reply

Also, the first time the tool is run, it also makes another log: Addition.txt
Also post the: Addition.txt in your reply.

@Pauly,

Thank you for the link. Was not aware of it...have only been here since January and there are enough tutorials here to sink a ship.

Have used Puppy Linux, more than a year ago, but, would have to refresh my memory on what was done.
That is probably similar to Peppermint.


@darrenj1471,

Go with Post #12, and the Farbar Recovery Scan Tool.

If that does not pull you out of this mess, you may be looking at a Windows install, and recovering data.

Pressing on with FRST...

In the good computer, please open Notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents of the code box below to it
Save it on the pen drive, and name it: fixlist.txt

Code:

start
HKU\darren\...\Run: [AdobeBridge] - [x]
HKU\darren\...\Winlogon: [Shell] explorer.exe,C:\Users\darren\AppData\Roaming\data.dat [53760 2013-08-01] () <==== ATTENTION 
C:\Users\darren\AppData\Roaming\data.dat
C:\Users\darren\AppData\Roaming\settings.ini
C:\Users\darren\AppData\Roaming\i.ini
C:\Users\darren\AppData\Local\Temp\b34btbztdb0vavaw.exe
end

Note: This script is written specifically for use only on this computer.
Running this on another computer may cause damage to the Operating System!!

Run FRST, like you did in Post #12
Check the Addition.txt option
Press the Fix button, just once, and wait.

The tool creates a report on the pen drive called: Fixlog.txt
Please post the Fixlog.txt in your reply.

Restart the computer.
Are you back into Windows?

Let's get the results from this program, and take it from there.

Also, are you running an External disc drive, or plug a pen drive in systems other than yours?