I am attempting to repair a computer that has been infected with 'Windows Recovery' and the search engine redirect malware. After reading some forum posts, I have tried the following attempts to clean the computer. Initially, Avira AntiVir alerted the following: Virus or unwanted program 'TR/Rootkit.Gen [trojan]' C:\Windows\System32\spool\prtprocs\w32x86\625F93F.tmp. C:\Windows\System32\spool\prtprocs\w32x86\2162F.tmp C:\Windows\System32\drivers\579711D.sys. C:\Windows\System32\drivers\6263E8.tmp. C:\Windows\System32\drivers\1324E9C.sys C:\Windows\System32\drivers\2233E8.tmp C:\Users\liz\AppData\Local\Temp\ldr2220.tmp C:\Users\liz\AppData\Local\Temp\ldr3e4a.tmp C:\Users\liz\AppData\Local\Temp\-213E8.tmp C:\Users\liz\AppData\Local\Temp\ldr3e3b.tmp The files 'C:\Users\liz\AppData\Local\Temp\ldr3e4a.tmp' & C:\Users\liz\AppData\Local\Temp\ldr224f.tm contained a virus or unwanted program 'TR/Alureon.CD.6' [trojan] In attempt to stop the 'Windows Recovery' malware, I performed a Systems Restore. The google redirect issue seems to persist, so I attempted the following: Started in Safe Mode. Ran 'CleanUp!' to clean up files. Scanned with: SUPERAntiSpyware - cleared some cookies. Malwarebytes' Anti-Malware - cleared some cookies. SpyBot Search & Destroy - cleared some cookies. HijackThis - log file attached* Restarted computer, in normal mode, redirect malware still exists. Followed instructions on this forum: Ran DDS - log file attached* Ran GMER - log file attached* RKill iExplore - the following process was stopped (C:\Windows\System32\grpconv.exe) Hitman Pro 3.5 - cleared some cookies. Avira AntiVir scan - log file attached* Downloaded TDSSKiller. Extracted to desktop, clicked 'run as administrator' - though nothing happens. Any help would be greatly appreciated. attach.zip