This virus sounds similar to another virus I encountered called antivirus live. Antivirus live also gets into the registry and is very difficult to get rid of but it can be done. If you cannot find anything about how to get rid of your particular virus then you might try some of the fixes that are listed online to get rid of antivirus live which involves manually going into the registry and deleting some things yourself.

Antivirus live also protected itself. You would think you were rid of it and it seemed to somehow miraculously regenerate. I'll tell you these people making viruses today are some real a-holes, and they keep making these viruses harder and harder to get rid of.

 

Yeah I heard of that antivirus live, didn't have that one at least.
Its like that fraud windows protection suite, which I did have, very insidious code.
It pops up looking like a legit program, doing virus/malware scans, warning you of problems, and urging you to upgrade to the full version.
Very slick, I can see how it must fool alot of folks, I was at first relieved to see it doing scans ... But the push to upgrade, and balloons popping up all over from it with warnings and urges to upgrade, made me realize that this wasn't a Microsoft app and was a scam.

I think Microsoft itself could cure alot of these types. These programs rely on making spurious registry entries to take over, and especially to wipe out system restore.
With an intact system restore, you could be right back where you were the day before the virus in minutes, and was in fact the first thing I tried once I realized I had a serious problem.
No joy, the virus took care of that, my only restore point the virus itself made, and was of course for the day I got it ,,, And you would think Microsoft would come out with a patch so it wouldn't be so simple to wipe out this critical function, at least requiring a password to access or make changes to it.
Maybe theres legit tech reasons why it hasn't been done ,, But yeah, new malicious code is the worse, as no effective countermeasures are in place.

 

Never got the impression you were knockin me, you seem to chose you words well, and express yourself with very little sarcasm, unlike some others, perhaps including me.

I see your point, for me and most folks, its not a job, its personal.
Over weeks, months and years people spend hours customizing & personalizing computers, and to just wipe it clean is a bit much, if theres other possible options.

I had other options for a while, when they were reduced to 0, I threw in the towel.
No other choice, I bowed to harsh reality.
Might go back to my 6 years in the USMC, and/or 10+ years spent on union construction jobs, but its not in my nature to give up easily - I'll apply that to a truck, a lady I'm after, problem on the job or a computer issue.
I'm a bulldog, and tend to get fixated on things that spark my interest, and I have a major dislike of any kind of malfunction or irregularity.
For real, in the professions I have chosen, I learned early on if you ever say "I can't do it, it can't be done", they'll simply find someone who can, and not bother to ask you again.
"Theres always a way" are words I live by and, by and large, there is *almost* always a way.
Gotta allow yourself a slim margin for impossibilities, which of course do exist all over.

I have the feeling the mods at Kaspersky were very interested in this, we exchanged alot of info & files in private. They were surprised it resisted all those countermeasures, especially the custom script, and wanted to find a solution, perhaps to incorporate it into their software.
This thing just wasn't supposed to carry on after I executed that custom script.
In that sense, maybe I was somewhat of a guinea pig, but a very willing one, and didn't fancy myself as having much to lose by taking it to the bitter end.

 

Yep, an image is a must. I got the drive, I got the programs to do it, just going to wait a couple weeks or so to make the first one.

Things have come a long way, I remember the days when the only storage options for backing files up were floppy discs.
A 6gb hard drive was considered a monster, 64mb of memory was alot, and rewritable CD's were still a few years away.

 

Crazy, I got the same issue on my laptop. I'm working on fixing it here this weekend. I'm going to try and reformat my C drive and re install the op system. But before I do that I went to dell.com and got all the drivers I needed or think I should need.

 

Are your google searches acrually what you searched for? The search I do the links look good, but then I'm redirected somewhere and while it does that my comp freezes.

 

Google wouldn't let me connect period, it sensed the redirection attempts and whatnot being made by the malware, and refused connection.

I used yahoo for searches, apparently they aren't as stringent as google.
But yeah gotta watch those redirections, some of those links look legit ,,, But in my browser at least [Seamonkey], I was told I was being redirected, and closed it down before it could connect.

Might try reading through the attempt the cure my problem here
http://forum.kaspersky.com/index.php...&#entry1308599
And some of that may work for you, tho I don't think you would want to execute that custom script.
Everyone recommends running malwarebytes, good option if you're able.

But if you are just going to save what you can and reformat, guess you wouldn't need to look around much for a cure.