Moved from AII to MRL after OP edit added logs ~ Hamluis
I have an Assured Computing Tech (ACT POS) with Microsoft XP and Windows Embedded POS Ready 2009 for my small business, and it is infected with "Exploit Blackhole Exploit Kit (type 1889)." I found other people had received help with the same virus, but in my case I have also lost spoolsv.exe (and who knows what else), which has wiped out my printers.
AVG popped up and with a warning last night stating that it had blocked the virus, but apparently it did not. Neither Malwarebytes nor AVG have caught the virus after running scans. ComboFix is installed from an earlier problem, but I have not run it.
I did a system restore this morning before figuring out that my computer was infected. Other symptoms include Google redirect, I could not sign into this site using Firefox, and the computer is lethargic. I was going to include the log files, but not sure where to find them.
Any help would be greatly appreciated!
Edit: I have saved the log files (I found the instructions, sorry) but the editor will not allow me to attach them. Also, GMER shows "TDL4@MBR code has been found."
Update: Malwarebyte's removed five infected files, two of which were hdgfsh.exe and fsfwnnrv.exe, but I am still having problems. Also, I tried to disable/remove AVG in case I need to use Combofix but I cannot uninstall AVG 9.0.
Edited by SOLUser, 08 February 2012 - 04:01 PM.
Moved from XP to Am I Infected.