What I've done:
1. Ran RKill Successfully (had to paste code into the "Run" box under Start button), no more fake system popups.
2. Unhide folders, but programs under start menu are empty. Can only run explorer, firefox, and symantec atm. (I think others will run under the command/run thing in the start menu, but I'm not totally sure how to use this).
3. Already had Malwarebytes installed. Did a search in explorer and tried to run mbam.exe, but got this error:
malwarebytes error 53 file not found mbamcore.
4. Downloaded a malwarebytes again, tried to install but it says that "the installation/removal of a previous program was not complete. You need to restart your computer first and then MWB will run...". Guide says not to restart because windows recovery will bootup again, should I restart or not?
5. Tried removing the old MWB from the program list. Didn't work/needs restart.
6. Ran a renamed version of tdsskiller. It didn't find anything.
7. Ran a semantic full scan. Found "Backdoor.Tidserv" and deleted it. Semantic logged two "Bloodhound.malPE" files but cleaning was unsuccessful. I checked the application data folder and Windows Recovery .exe's are still there.
Any help is appreciated. Would a safe mode restart work or not?
EDITS: Are updates to the Semantic scan
Edited by kenrob1, 31 May 2011 - 11:36 PM.