Got Hit by "Avanish" malware, missed by W10 security

Rickerz · 05 Sep 2019

In the past some folks came hard on me for pointing out the deadly security
ineffectiveness of W10. Here is a proof.

A malware by the name "Avinash" brought the speed of my PC to a crawl
WINDOWS SECURITY ran twice and declared the system sound safe.

I was not satisfied so I initiated my own Malware Software protection namely
HITMAN PRO, in minutes it detected and quarantined the Malware AVANISH
and its roots to include an EXE file : "Anachronism.ksee".

At this point I was happy , but noticed the Malware still showing up in my startup list ,
though I have disabled them ( Nine of the same name Avinash), still showing up in my task list , Hitman Pro announced they are disabled.

My questions for the guru that I wish can help are:

1. Is there a way to remove the malware name from the "startup list".
2. How to stop/eliminate the ,Malware (Avinash) in/from the process list.
3. How to search and delete any hidden traces even inactive
4. Did Anyone (MS included ) raise a flag about this Malware threat?

The following are the remnant names of the malware "Avinash":

Avinash

buaqIjva ( it could be a capital "I" or a lower case "L")

Anachronism .. and others that got rid by Hitman Pro .

I did Google "Avinash".. but there was no mention to any Malware, but revealed a
SW security researcher by the name "Avinash" .

skcusime · 05 Sep 2019

It's either AVANISH or AVINASH. You refer to both, but neither come up in a Google search (except this thread) suggesting you must be the only person to be afflicted with this.

kuyenmotdivad · 05 Sep 2019

I would suggest using another antivirus to see if that gets shut of the malware from startup, try malwarebyte there pretty good or sophos which if I’m right is the developer of hitman pro.

thomaseg1 · 05 Sep 2019

Glary utilities has a startup remover
Before you do can we have a pic of your start up list?

A number of viruses have different names so I wouldn't discount it just because it can't
be found on the web under that name.

as for antiviral nothing is 100% . I use Norton backed up by Malwarebytes.

Take Screenshot in Windows 10

simrick · 05 Sep 2019

Hi.
Not familiar with that infection, sorry.
You could try running ADWCleaner - scan then clean.
Post the logs here for us to have a look at.

Here's another good one to try:
https://support.kaspersky.com/5350
TDSSKiller

Jacee · 05 Sep 2019

Using "Anachronism.ksee" in my search, this is what I found: https://www.hybrid-analysis.com/samp...ironmentId=120

See what Eset (free online scannner) pulls up: Free Virus Scan | Online Virus Scan from ESET | ESET

Rickerz · 05 Sep 2019

skcusime said:

It's either AVANISH or AVINASH. You refer to both, but neither come up in a Google search (except this thread) suggesting you must be the only person to be afflicted with this.

You are correct, i mixed up the name: It's " Avinash" as it shows in my startup list. Perhaps you are right, I am the first one, but I am certain will not be the only one for long. The threat is TRUE and I took me a dire time to rid off.

- - - Updated - - -

thomaseg1 said:

Glary utilities has a startup remover
Before you do can we have a pic of your start up list?

A number of viruses have different names so I wouldn't discount it just because it can't
be found on the web under that name.

as for antiviral nothing is 100% . I use Norton backed up by Malwarebytes.

Take Screenshot in Windows 10

Here it is my good man : Attachment 245938

- - - Updated - - -

thomaseg1 said:

Glary utilities has a startup remover
Before you do can we have a pic of your start up list?

A number of viruses have different names so I wouldn't discount it just because it can't
be found on the web under that name.

as for antiviral nothing is 100% . I use Norton backed up by Malwarebytes.

Take Screenshot in Windows 10

Got Hit by "Avanish" malware, missed by W10 security-avinash.jpg

- - - Updated - - -

The Attachment 245940 in the startup list :

joeandmarg0 · 05 Sep 2019

Given the extent of the infection,if you have a backup,e.g. Macrium,then wipe the drive using DBAN and clean install.

Rickerz · 06 Sep 2019

kuyenmotdivad said:

I would suggest using another antivirus to see if that gets shut of the malware from startup, try malwarebyte there pretty good or sophos which if I’m right is the developer of hitman pro.

Hitman Pro Anti malware did effectively shot down and stopped it from messing up with the system's speed , trouble is, it left its remnant in the startup list which I manually disabled, but could not delete from the list.

- - - Updated - - -

thomaseg1 said:

Glary utilities has a startup remover
Before you do can we have a pic of your start up list?

A number of viruses have different names so I wouldn't discount it just because it can't
be found on the web under that name.

as for antiviral nothing is 100% . I use Norton backed up by Malwarebytes.

Take Screenshot in Windows 10

sorry man, i did post the screenshot , but it seems not in your reply... you can see it still. I hope.

- - - Updated - - -

Jacee said:

Using "Anachronism.ksee" in my search, this is what I found: https://www.hybrid-analysis.com/samp...ironmentId=120

See what Eset (free online scannner) pulls up: Free Virus Scan | Online Virus Scan from ESET | ESET

Thanks, I may just do that in the absence of any other remedy.

thomaseg1 · 06 Sep 2019

Rickerz said:

Hitman Pro Anti malware did effectively shot down and stopped it from messing up with the system's speed , trouble is, it left its remnant in the startup list which I manually disabled, but could not delete from the list.

- - - Updated - - -

sorry man, i did post the screenshot , but it seems not in your reply... you can see it still. I hope.

Thanks ,Glary utilities does have a n start up control from which you can delete them.
Attachment 245943
Attachment 245944

Glary Utilities - Download | Glarysoft