I have gotten a very similar-sounding virus: Google searches show redirected links in the results, although the result descriptions look legit (like one result might show text from a wikipedia entry, but the link goes to a completely different site and a visible IP address for the URL on the redirected link... starting with 74.x.x.x). No other symptoms that I can tell of: nothing out of ordinary running in list of processes, no extra bookmarks added to my browser, no extra pop up windows.
Anyway, I am running Windows XP sp3, with the latest version of AVG anti-virus and Microsoft Windows Defender in the background. Whatever it is, it snuck in somehow without tripping off alarms.
The only thing I've found that could get rid of it was Malwarebytes Anti-Malware http://www.malwarebytes.org/mbam.php
I hope this doesn't come across as a spam post for them, but if anyone is getting stumped by this virus, might give them a shot (they have a freebie-personal use version). I did a search for 'rootkit' and 'sysaudio.sys' and stumbled onto this thread here, which is what the name of the virus was listed as by that program. (a Trojan with the name of Rootkit that had infected the file called sysaudio.sys).
I don't run this program full-time, but I was hoping my antivirus program would keep this from getting in. I haven't found what can prevent it appearently, as I got my 2nd infection in a month.
Edited by dlsimon, 30 November 2008 - 10:47 PM.