Hopefully this will help someone:
We had the malware on a desktop. Symptoms were the same as others...
Bogus "security tool" pops up, reports a large number of bogus files infected, suggests to go to their website and pay to get their software to fix it.
Desktop icons were hidden, only thing showing on screen generally was the "security tool" screen
Could not get into safe mode on reboot, would get blue screen of death
Could not run regedit, it would immediately shut down on startup
Could not run Malwarebytes' Anti-malware program
SAV would report one file infected, would suggest a reboot, file would come back infected each time, never removed
Could not get into task manager, it would immediately shut down on startup
Tried all of the above.
Tried a vbs script to delete the S.T. registry entries, no luck
Tried to rename Malwarebytes mbam.exe to winlogon.exe, no luck
Tried a SAV full system scan, no luck, only turned up file it initially reported (had latest copy of data)
Tried RegAssassin from Malwarebytes, no luck
When I tried RegAssassin over and over there was a long enough delay in the PC to where I could open up task manager for running processes. Once I did that I found a rogue .exe with a string of numbers.
Once I killed that, all .exe's were allowed to run. Got into regedit and deleted entries listed in Symantec link. Also went into \documents and settings\<my user>\Application Data\nnnnnn folder and deleted it (it was the same number as the rogue .exe program, a random string of numbers.
Also, went into start->run->msconfig startup tab just to be sure.
Rebooted, S.T. didnt show up, could then run full SAV scan and Malwarebytes against PC, all appears clean. Hope this helps.............