I can't believe how smart this Antivirus-Pro 2009 malware/trojan/virus is. It's incredible how pervasive and comprehensive its strategies are. I'd like to strangle those came up with it, maliciously destroying so many computers, all just for a near zero chance that they can get a few sales out of it. The symptoms I was having: Constant warnings about spyware and other security compromises Red x in taskbar that gave warnings Background of Windows changed to be a big flashing warning about security being compromised! Constantly being redirected to the Antivirus-Pro 2009 web page Searches being hijacked and redirected Task Manager disabled CPU Performance compromised and long startups even though none of the processes that people talked about seem to be running My Documents being opened randomly on its own. Some of this stuff even occurred in safe mode. Unable to turn on windows security stuff on any more. It almost seemed like the security control panel was a fake. Windows installer may have been compromised. Anyway, I ran malware and virus checkers a few times. I thought I had it removed before, but it kept coming back. So, I just went through all 8 steps very carefully. I also ran ComboFix, Microsoft Windows Malicious Software Removal tool and installed a HOST file that was supposed to block most malware sites, all recommendations I found here in various threads. Can you guys please look at the log and see if I need to do anything with HijackThis or another program to make sure this thing is finally gone? The exact steps I took are: McAfee Virus Scan in normal mode while fully infected: nothing found Malware scan in normal mode: blue screen Malware scan in safe mode a few times (logs attached in next post) Ran Windows Update and it installed SP3. McAfee Virus Scan in safe mode. It found a Generic Rootkit.d.!rootkit NTOSKRNL-HOOK and removed it. CCleaner full in normal mode SDFix (log attached) Replaced my host file with the recommended malware/adware blocking one Microsoft Windows Malicious Software Removal Tool, quick then full scan. (log attached) Combofix (log attached) Malware scan in safe mode (logs attached in next post) SuperAntiSpyware (log attached) Checked Java version and it was current. HijackThis (log attached) I also have a question. Are my passwords possibly compromised if I never actually entered them while I was infected? Is it possible they got them simply from the cookies and saved password info that Firefox has? Thank you in advance for spending your valuable time helping me with this problem!