- Bitdefender (uninstalled now due to horrible corruption from rootkit, useless anyway, did not detect anything wrong even though files submitted to their db came back postitive)
- MBAM (cleaned some things up, now I get clean scans)
- Vundofix (cleaned off most vundo crap, Combofix got more)
- GMER (originally detected rootkit activity, managed to disable the file causing it)
- HijackThis (looked at logs, I'm no pro but didn't see anything off in here after cleanups with the above and below, will include a log if asked)
- ComboFix (read explanation below)
I have attached a Combofix log (I know, not supposed to run unless asked, but I had tried just about everything and Combofix was the only one that seemed to remove anything, though problems persist after reboot). If needed I can provide logs as needed.
The file that's the biggest pain has been C:\Windows\System32\magnstat.dll, it is definitely an executable virus that likes to grab hold of many programs that are run, especially Combofix, which it will only let run once renamed and will cause it to run *very* slow.
Thanks in advance
** EDIT: I also disabled all programs from starting at startup, to make life a little easier.
** EDIT2: Attaching HJT log. It did complain about some error on a file being accessed, so unsure if it's complete.
** EDIT3: SDFix finished, log attached.
** EDIT4: Ran Combofix again, I hand deleted a file C:/WINDOWS/System32/drivers/xxumds.sys we'll see if that was it. Wasn't locked but combofix did not see, Virustotal said it was IEBOOOT with like 32 hits. Will attach new combofix log in a few.
** EDIT5: I think I got all of it, I won't know until I go back tommorow to finish the job. Will post a request to close this if that's the case.
Edited by joecool1029, 22 June 2010 - 07:26 PM.