I am in the process of cleaning up an infected computer.
It originally had Malware Doctor, a rogue AV.
I booted to Safe Mode, installed MBAM, updated, and performed a full scan.
It cleaned up 86 files and forced me to reboot.
I did. I then ran CCleaner to clean temp files.
I ran HijackThis and cleaned up what I could.
I then ran TDSSKiller and it found a TDSS 4 rootkit.
I cleaned up the rootkit and rebooted the comp.
I had a problem getting online, so I had to uninstall/reinstall the TCP/IP settings within my network card properties window. This allowed me online after I removed the proxy server as well.
I also realized that I had no host file whatsoever, so I had to create one in its place.
But I was still getting redirected every other link I would click.
So I ran HitmanPro and it found 5 tracking cookies and 3 malware pieces.
After a reboot I was still getting redirected. So I ran GMER rootkit remover and it found nothing.
I then ran ComboFix and it told me that I was infected with the rootkit.Zeroaccess! So ComboFix completed and rebooted, BUT I'M STILL GETTING redirected!
Also, one thing to mention is that SOMETIMES when I go to execute an EXE like Process Explorer or GMER, it tells me that I do not have access or permissions to that file. (But this is because of the rootkit infection, or so I've read.)
I've updated and rerun MBAM as well as TDSSKiller, with both end results coming up "clean".
I am so frustrated and am about to format this machine. Any help would be greatly appreciated.
My apologies, here are the DDS logs.
EDIT: Posts merged ~Budapest
Edited by Budapest, 28 July 2011 - 05:03 PM.