Thank you. Vista 64.

I will try this when I get home. The infected computer is the only one I have so I can only read/reply here when I am using someone else's computer. Because of this please feel free to post further steps in case I can or can't because I have to go to someone else's house to read/reply to the forum.

Okay great. Quick question. How can i send the peek.txt to you guys if it always blocks my internet. Is it safe to put it on a keydrive and transfer it to another computer and post it here or will it infect the keydrive and the other computer as well?

oh and one more thing I already know that MBAM is being blocked and how would i get rkill on the computer... i would have to transfer it via a usbdrive huh

Okay. We have some huge problems. I tried running Rkill from the thumbdrive and when I do it just pops up with a vista home security 2012 firewall alert. It does the same thing if i try to install mbam from the thumbdrive or run mbam from the harddrive. I also pressed window + r to bring up the cmd and i put in the script you gave me for the peek.txt and the same thing happens a window that says "vista home security 2012 firewall alert" comes up with the option to activate or continue without it.

More bad news. I couldn't get the comp to run safe mode. I select safe mode and it never comes up. It will say safe mode in all 4 corners after loading processes then it just asks me which version of vista to run again. (for some reason when you start this comp up it always asks you if you want to launch windows vista or windows vista ultimate)

okay this is really strange. I couldnt run anything but i tried a second time. It's like the virus gave up I was able to run rkill and malwarebytes. I accidentally ran rkill twice and it found nothing. I ran the old version of malwarebytes on accident and it found a problem and killed it. I updated malwarebytes to the current version and it found a rootkit problem or something and killed it. The virus appears gone. The rkill log and both mbam logs are below.

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 12/09/2011 at 17:05:43.
Operating System: Windows (TM) Vista Ultimate

Processes terminated by Rkill or while it was running:

Processes terminated by Rkill or while it was running:

Rkill completed on 12/09/2011 at 17:05:45.

Rkill completed on 12/09/2011 at 17:05:52.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7622

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

12/9/2011 5:20:13 PM
mbam-log-2011-12-09 (17-20-13).txt

Scan type: Quick scan
Objects scanned: 268995
Time elapsed: 10 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Joshua Sykora\AppData\Local\vvk.exe" -a "C:\Program Files (x86)\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.

Folders Infected:
(Nomalicious items detected)

Files Infected:
(No malicious items detected)

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8344

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

12/9/2011 5:35:34 PM
mbam-log-2011-12-09 (17-35-29).txt

Scan type: Quick scan
Objects scanned: 273643
Time elapsed: 7 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\joshua sykora\AppData\Local\Temp\msimg32.dll (Rootkit.0Access) -> No action taken.

I think it's gone. Thanks so much. I have no clue why safe mode wouldn't start and why i had to run rkill like 5 times to get it to work or why malwarebytes took like 3 tries before it even ran.