I've run mbam and tdss killer and some other tools as well. I found lots of various infections and malwarebytes removed all the infections. TDSS killer found a rootkit and cleaned it successfully. Nothing weird spiking the CPU, and no suspicious processes in taskmgr. Seems all the dll and app files were removed. I've checked DNS settings and TCP/IP settings and all is well. However, I'm getting lots of google search redirects, I have an idea that's it's all in host file, but hosts is well hidden. HOSTS file does not appear in the drivers/ect dir at all, and yes I have show hidden files and OS files ticked. I've tried searching for in in WINPe environment to no avail. It seems like it's hidden from the Windows file system or something. I'm running WINXP Pro SP3 fyi. Anyone see this before?? The key is how to find the HOSTS file. Once I get there I'm sure I'll find 100+ entries that I can remove and save myself an image restore on this dirty box.
any feedback would be most excellent.