I can't believe how smart this Antivirus-Pro 2009 malware/trojan/virus is. It's incredible how pervasive and comprehensive its strategies are. I'd like to strangle those who came up with it, maliciously destroying so many computers, all just for a near zero chance that they can get a few sales out of it.
The symptoms I was having:
- Constant warnings about spyware and other security compromises
- Red x in taskbar that gave warnings
- Background of Windows changed to be a big flashing warning about security being compromised!
- Constantly being redirected to the Antivirus-Pro 2009 web page
- Searches being hijacked and redirected
- Task Manager disabled
- CPU Performance compromised and long startups even though none of the processes that people talked about seem to be running
- My Documents being opened randomly on its own.
- Some of this stuff even occurred in safe mode.
- Unable to turn Windows security stuff on any more. It almost seemed like the security control panel was a fake.
- Windows installer may have been compromised.
Anyway, I ran malware and virus checkers a few times. I thought I had it removed before, but it kept coming back. So, I just went through all 8 steps very carefully. I also ran ComboFix, Microsoft Windows Malicious Software Removal Tool and installed a HOST file that was supposed to block most malware sites, all recommendations I found here in various threads. Can you guys please look at the log and see if I need to do anything with HijackThis or another program to make sure this thing is finally gone?
The exact steps I took are:
- McAfee Virus Scan in normal mode while fully infected: nothing found
- Malware scan in normal mode: blue screen
- Malware scan in safe mode a few times (logs attached in next post)
- Ran Windows Update and it installed SP3.
- McAfee Virus Scan in safe mode. It found a Generic Rootkit.d.!rootkit NTOSKRNL-HOOK and removed it.
- CCleaner full in normal mode
- SDFix (log attached)
- Replaced my host file with the recommended malware/adware blocking one
- Microsoft Windows Malicious Software Removal Tool, quick then full scan. (log attached)
- ComboFix (log attached)
- Malware scan in safe mode (logs attached in next post)
- SuperAntiSpyware (log attached)
- Checked Java version and it was current.
- HijackThis (log attached)
Thank you in advance for spending your valuable time helping me with this problem!