Posted 23 November 2009 - 06:47 PM
I have already posted this message on malwarebytes.org, so I apologize if this constitutes repeat posting. I am submitting the message from a clean machine, so I have not posted any logs.
The Antivirus System Pro malware landed on my laptop on Saturday night, and I had to use a friend's machine to save Combofix onto a CD. I loaded it onto my laptop, and everything was solved without a problem in just a few minutes.
On my office PC, I seem to have a different version of the malware, that virtually disabled everything, or slowed it to worse than a crawl. I therefore renamed Combofix as one site suggested, and then ran it on my PC while in Safe Mode, and although nothing happened for more than an hour, it eventually completed 50 stages, and then began deleting files and folders. It deleted the following three folders (C:\data, C:\WINDOWS\system32\Cache and C:\WINDOWS\system32\images), but has then done nothing for more than three hours. Should I leave the PC running, in the hope that something will eventually happen, or should I unplug the computer and risk leaving the cleanup in an incomplete state that could cause more problems?