My machine became infected with the fake anti-virus virus and also the Google redirects about a month ago. I decided to reformat the hard drive and start from scratch with a new install of XP Pro SP3. Reinstalled my applications and moved my documents back onto the computer. To my great dismay, I now have the redirect virus again. I can only guess I copied it back onto my machine when moving stuff from the Documents and Settings folder.
I had installed MS Defender on the system first thing after the OS and it never detected anything and continues to detect nothing.
I have since installed McAfee, Malwarebytes, SpyBot, and Kaspersky's TDSS removal tool, to no avail. All of them said my computer was clean, except the Kaspersky tool said it detected a possible infection, and I did tell it to delete the files.
I also ran ComboFix and can post the log if you like.
It still has the virus. ComboFix did do a reboot at the start, as it stated it detected rootkit activity.
The only other curious thing that occurred at the same time as the virus showing up was that my registration for Sync2 software was deleted (had to re-register), and my iTunes profile went away (program acted as though I was running it for the first time). I believe this all happened 2 days ago when the computer bogged down with a whole bunch of hard drive activity occurring for no legitimate reason. Following that, svchost started consuming huge amounts of memory and processor activity, requiring a reboot. Since the full install I have visited a limited number of websites and am not aware of any risky behavior on my part.
Also, Hitman Pro states that it has detected a possible variant of the TDL3 (alias Alureon) rootkit.
Thanks for your time.
Edited by lou apo, 14 August 2010 - 04:14 PM.