I was on the NYTimes early Tuesday and clicked on a news article link and was redirected to a Chinese website with a page about Chinese sex_museum.
I then got the AntiSpy ware 2009 pop-up that started simulating a scan of my machine and finding all of these viruses.
See attached image.
Virus infection appears to be in the registry and a couple of files:
3. Registry Entry: Winlogon/Notify/awhckpqo
4. Registry Entry: Internet Explorer/Browser Helper Object
Actions that I have taken:
1. My PC has Norton and it's up to date; it identified a bloodhound virus that it quarantined and then deleted.
2. Ran Norton Scan several times
3. Uninstalled from the control panel: Internet Explorer v7.0.8
4. Ran Malware AntiBytes several times; it just quarantines the dlls and registry entries, but when I delete it comes right back.
5. Rebooted my machine in diagnostic mode and tried to delete the two dlls but still got access denied
6. Defragged hard drive, don't ask me why I did it, I was desperate.
7. Tried to rename the files, copy the files then delete, etc., don't ask why .... desperate.
8. Downloaded and ran the ComboFix utility .... Have not submitted the log for a script.
Results of action above:
1. The dll Toqztgo.dll does not show up as a running task, nor do a few other viruses
2. The dlls above are still on my machine
3. I switched temporarily to using Firefox for now, but can't work as I have to VPN to my company network remotely and can't do it with this virus hanging around.
Any assistance would be appreciated.
Original Posting with screenshot
Edited by jctbmw, 17 April 2009 - 10:45 AM.