I had my parents ship me their netbook. They too have this insidious virus on it also. It originally manifested itself as one of those fake security center viruses. I've killed that. However, there is an ADS file in the windows directory that keeps running a service that I can't touch. If you look at the running processes, there's one called 3416somethingsomething:something.exe Any attempt made by a program to fix that server (Housecall, Hijackthis, MBM, etc etc) won't work. The program gets terminated and then gives the above error listed by jmh. The file CAN be access if you share the hard drive and execute it from another PC. I ran a scan against the netbook from another PC and it showed clean. The problem is this ADS file can't get removed. I used hijack this' ADS remover and when I clicked to remove, I got a question box with blank options. I hit what I thought was "yes", rebooted but the process is back. I keep killing any reference to it in the registry but nothing works. If I reinstall Hijack this, it will work again up until the point where you have it "touch" this ADS file.
The service will even run in safe mode (this is an XP home netbook). End process/end process tree do nothing. If you try to set the priority level, you get access denied.
Also, something similar to this thread http://www.bleepingcomputer.com/forums/topic418311.html
is occurring. If you run a search in IE or FF on google, most links, when clicked on, give an error that the URL can't be loaded. If you right click the link and pick open in a new tab, it works. The hosts file had a ton of weird misdirects to a 69. IP address but I have changed it back to a normal hosts file.
Edited by NapalmDawn, 11 September 2011 - 12:25 AM.