MalwareBytes finds it as Backdoor.Bot:
First off it changes IP Address to a 172.x.x.x, even if 192.168.1.XXX is set to static.
It also changes Default Gateway to 0.0.0.0
I have to change to remove the 172.x.x.x from IP table and then commandline: ROUTE DELETE 0.0.0.0
It finds a hidden- C:\Decrypt\decrypt.exe and C:\Program Data\local\ .... with 4 files it finds and deletes.
After a full scan (in safe mode) it removes the malware and prompts for reboot.
After ALL that, it goes right back to the same infections.
I have MSConfiged everything out. If I CTRL+ALT+DEL I can start a TaskMan, but its still hidden by the splash screen... I cannot ALT+TAB or ALT+F4, passed the screen.
Attached is the SCreenShot of the SplashScreen... Literally with a Camera as I cannot get passed the Splash...
I am BEGGING for help... Kasp wont even detect it and I am down now.