roshanroshan, Welcome to TechSpot. I'll help with the malware. We can do a bit with the HijackThis log as it shows that your hosts files have been hijacked by a rogue program named Security Antivirus.
Before we can do anything we must first end the processes that belong to Security Antivirus so that it does not interfere with the cleaning procedure. To do this, download the following file to your desktop.
rkill.com Download Link
- Double-click on the rkill.com to automatically attempt to stop any processes associated with Security Antivirus and other Rogue programs.
- Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step.
- If you get a message that rkill is an infection, ignore it: This message is just a fake warning given by Security Antivirus when it terminates programs that may potentially remove it.
- If you run into these infection warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. This allows you to bypass the malware trying to protect itself so that rkill can terminate Security Antivirus.
- Please try running Rkill until the malware is no longer running. You will then be able to proceed with the rest of the guide. (If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.)
Do not reboot your computer after running rkill as the malware programs will start again.
Please download Malwarebytes' Anti-Malware and save it to the desktop.
- Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware.
- Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select the Perform full scan option and then click on the Scan button.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
When completed, a log will open in Notepad. Please paste this log into your next reply and we will then go on to the next steps.
Please do not use any other cleaning or antispyware programs while I am helping you. Don't use a Registry Cleaner. Don't do a System Restore.
We will reset the hosts files when the above step has been completed.
EDIT: Be sure your antivirus program is running at this point. I didn't see the AVG entries except for a 'file missing' Service.