TechSpot

It all started with Antivirus Pro 2009

By aingalls12
Nov 20, 2008
  1. About three days ago I received the Antivirus Pro 2009 pop up bubble on my task bar. Things have gone downhill from there.

    Luckily, I found this forum fairly early on, which has been a great help. I obviously didn't "purchase" the license, but my browser has been redirected from just about any website that could help (although viewing cached sites from google was a workaround).

    I've spent the last couple of nights trying to complete the 8-step virus removal instructions; but had a LOT of difficulty downloading, installing, updating and running both MBAM and SAS. I've had a lot of the same issues I've seen on other posts and ended up having to run the "FIXIT" EXE to break the log jam.

    I'm just now to the point where I've been able to run updates to MBAM and SAS and get them working. I'm about ready to finish up my first run through of the 8 steps (hopefully, within the next couple of hours).

    As I've said, this site has been extremely helpful, Is there anyone available to take a look at the logs when I can post them? I'm pretty much a novice at all of this and I don't think I'll be able to decipher the HJT report.

    Although I haven't seen the Antivirus Pro 2009 pop up in a couple of days, I desperately want to make sure I get rid of this whole thing because the browser redirect seems to reinstall itself after I reboot.

    Thanks in advance for any help!
     
  2. aingalls12

    aingalls12 TS Rookie Topic Starter

    Here are my logs from this evening. Any suggestions would be greatly appreciated.
     
  3. Kazi

    Kazi TS Enthusiast Posts: 121

    Tell me whats happening with your comp

    Remove these form HJT

    Someone confirm these

     
  4. aingalls12

    aingalls12 TS Rookie Topic Starter

    Thanks for the reply!

    Well, at first things seem to work a little better after I run SAS and MBAM (I can access websites, the browsers aren't as slow, etc.); however, once the system reboots the symptoms reappear.

    Whatever is causing the problem seems to block certain websites (ie malware bytes, norton, etc), and also redirects google searches for a lot of other ones too. Additionally, my browser is running slower and I can't seem to update to the newest Java.

    I'll try removing the first four files you suggested; should I hold off on the last two?
     
  5. aingalls12

    aingalls12 TS Rookie Topic Starter

    OK, I removed the first four files. After a reboot, I'm still having the same issues.

    I ran a quick scan with SAS, which found only cookies. Should I run another MBAM or go ahead and remove the last two files identified above?
     
  6. aingalls12

    aingalls12 TS Rookie Topic Starter

    Well, I still seem to be having the same issue. When I run an MBAM scan it identifies and removes:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata

    and

    HKEY_LOCAL_MACHINE\SOFTWARE\tdss

    Things run better for a while, but every time I reboot after running an MBAM, these two files seem to reinstall themselves.

    I still haven't removed:

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll

    I wanted to hold off on removing these via HJT until I hear back on whether it would be a good idea.

    Any suggestions?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...