One of the symptons was that Microsoft's Fixit kept saying DEP was disabled and it re-enabled it, but something kept immediately disabling it. Well now the rootkit is gone but Fixit still keeps finding/fixing the same problem.
So does anyone here have any ideas how to keep it enabled? I was thinking something in the registry must have gotten screwed up by the rootkit but I've run several registry fixes from CCleaner and others to no avail.
In case this helps anyone, the browser problems were such things as websites were taking way too long to load and the back button kept reloading the same current page without going back. Now, with that rootkit gone, websites load instantly and the back button works flawlessly. It was a Java exploit and it got in my computer before Sun issued a patch. I kept getting prompts from Sun to install the patch but when you clicked on it, the dialog box vanished so you didn't know if it worked or what. It also disabled Microsoft Security Essentials. When re-enabled MSE found dozens of "Exploit: Java/Blacole..." That's when I started running all the malware scanners and they found nothing, so you are led to believe your computer is clean, but it was in fact still hiding in there. Sneaky little bugger. It was only because IE9 was still screwy that I kept looking for it. It didn't help that most of the advice was from the IE haters saying to switch to Firefox, Chrome, etc, which would have left the rookit in place.
I'm not sure but I think I picked it up from downloading some PDF viewer, ExpertPDF or something like that. It was more adware than pdf viewer so I uninstalled it, (afterwards I discoved adobe reader no longer worked. Had to reinstall it). Also, one malware scanner called Exterminate-it said it found something but said I had to buy their $15 program to remove it. Uh, no thanks. I already know about such scams as this.
Edited by hamluis, 20 July 2012 - 07:53 PM.
Moved from Win 7 to Am I Infected - Hamluis.