I was infected last week with the PC Recovery Virus (which I believe was executed from visiting a link a WP plugin that was being installed using the admin… or this was timed with a recent update to a bunch of WinXP SP3 updates).
Attempts to get rid of it haven't worked -- I managed to clear out the original issue and unhide everything. A day later (last week) the browser started the Google Redirect virus, which upon further investigation may be a nice rootkit of the TDL4 nature, as I am showing an infected volsnap.sys file on a RootKitBuster, GMER, and RootKitRevealer scan.
In running Task Manager I also see iexplorer active (where IE creates a bunch of files and the computer slows). All said, I have downloaded several antivirus, spyware, malware, etc. programs (online and local) but cannot get rid of this pest. I am aware of the warnings surrounding running Combofix but have run it – it hangs and will not complete. Even leaving it for 6 hours, it hangs where I believe the steps should be building (it passes the creating the restore point, etc.). There are warnings about AVG, but I have removed AVG first with their program, then with their uninstaller. It is not there from what I can tell.
Attempting to run TDSSKiller also doesn't seem to work, even with a different file name on the exe. I need your help and have taken this as far as I can on my own (yikes!).
Attached are the logs as requested for DDS.txt, attach.txt (as zip), and GMER.txt will be added in a moment to the next post.
Attached the GMER file.
Attached is the finished GMER file (there were a few hidden objects at the bottom I missed).
Edited by rigel, 22 June 2011 - 06:18 PM.