I have spent almost 24 hours on this PIA. The file names are changing and NOTHING on my computer (other than the fake EULA pop up on start up) read as “Antivirus XP 2008.” This thing is actively changing to make removal more difficult.
After much reading on support sites, I copied to disk the Malware Removal software from bleepingcomputer.com and then ran it on my computer.
The virus appears to be eliminated. I can use IM programs, ping websites from command prompt, BUT I CAN NO LONGER OPEN INTERNET EXPLORER! Before I used the Malware removal software, I was able to use explorer.
The hourglass spins for a moment, but then nothing happens, and internet explorer is not active in task manager.
I think the Malware removal deleted a registry key I need to operate internet explorer.
Can anyone help me recreate the registry key? Or do I need to reformat and reinstall the OS?
The registry keys I think I may need for it to work are all:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet(either 001,002 or 003)\Services\sysrest.sys
and the log file in the Malware removal software indicated they were “Rootkit.Agent”
Any help would be appreciated.
No comments:
Post a Comment