I need assistance removing browser hijacker and other malicious stuff please
conure170
Newbie
25. January 2010 @ 01:29
Hello,
I need assistance removing a browser hijacker and probably some other malicious stuff. Both Mozilla Firefox and IE are redirected to other sites when I do a search. They eventually stop working and I have to reinstall them to work for a while. Yesterday, I spent the day doing multiple full system scans of my laptop with McAfee (never detects anything), Malwarebytes Anti-Malware (detects a few items) and SUPERAntispyware (detects a few items). Upon rebooting the system something depleted my free space memory as well. I'm guessing it ate about 10 gigs or so.

Today I followed the directions on your site:
(1) Cleaned with ATF Cleaner
(2) Scanned with Kaspersky Webscanner (see attached logfile)
(3) Updated Windows XP (IE)
(4) Rebooted computer
(5) Ran Hijack This (see attached logfile)

Note I didn't use Spybot Search and Destroy. I used this one a couple months ago when I had this same problem and I ended up having to obtain a back-up disc and reload Windows. I don't think I ever got rid of the problem and it just took a while to start causing problems again.

Any help you can provide is greatly appreciated.
Please see logfiles below for both Kaspersky and Hijack This.

If you need any further clarification, please let me know. Thank you.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, January 24, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Sunday, January 24, 2010 17:17:27
Records in database: 3365798
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Objects scanned: 256994
Threats found: 3
Infected objects found: 507
Suspicious objects found: 0
Scan duration: 07:22:34


File name / Threat / Threats count
C:\WINDOWS\system32\drivers\OLD626.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD629.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD62C.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD62F.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD632.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD635.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD638.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD63B.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD63E.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD641.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD644.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD647.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD64A.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD64D.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD650.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD653.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD656.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD659.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD65C.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD662.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD665.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD66B.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD674.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD67A.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD683.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD689.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD68F.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD695.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD69B.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD69E.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6A4.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6A7.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6AD.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6B3.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6BC.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6C2.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6C8.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6CE.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6D1.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6E0.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6E6.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6EF.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6F2.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6F5.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6F8.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6FB.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD6FE.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD701.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD704.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD707.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD70A.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD70D.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD710.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD713.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD716.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD719.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD71C.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD71F.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD722.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD725.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD728.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD72B.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD72E.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD731.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD737.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD73A.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD73D.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD740.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD743.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD746.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD749.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD74C.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD74F.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD752.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD755.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD75B.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD764.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD76A.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD770.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD776.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD77C.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD77F.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD788.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD78E.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD794.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD79A.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7A3.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7A9.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7AF.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7B5.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7BB.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7BE.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7C4.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7C7.tmp Infected: Rootkit.Win32.TDSS.y 1
C:\WINDOWS\system32\drivers\OLD7D0.tmp Infected: Rootkit.Win32.TDSS.y 1

Selected area has been scanned.
conure170
Newbie
25. January 2010 @ 01:34
...and here is my HijackThis logfile!
Thanks again!


Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 12:50:58 AM, on 1/25/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\McShield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [services] C:\WINDOWS\services.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1173586342171
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Closet Control) - http://vsp.closetmaid.com/vsp/cmaidctl_v..._downloader.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\ cqauez.dll C:\WINDOWS\system32\jefiyuna.dll c:\windows\system32\zeveluhe.dll c:\windows\system32\hahomehe.dll,C:\WINDOWS\system32\beregigi.dll,gigivada.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0200331262027675) (0200331262027675mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\020033~1.EXE (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 12170 bytes
conure170
Newbie
27. January 2010 @ 00:12
Anyone have any ideas?
Thank you in advance.
conure1701
terry9999
Junior Member
27. January 2010 @ 04:12
Hi, Unfortunately I don't know how to read the logs but I think I can help if you have Malware. The programs I have listed will perform very detailed scans and are very good.

If the below programs do not load, change their .exe file name (not the shortcut) to something like iexplorer.exe and they will work fine.

I was instructed by my company's IT support company to perform the following steps 3 or 4 times and my PC is now fine. If you are redirected when clicking on the below links, copy and paste them into your browser.

Most effective in the following order:
1. Malwarebytes: http://www.malwarebytes.org/mbam-download.php

2. ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

3. SDFix: http://www.bleepingcomputer.com/files/sdfix.php

4. SmitfraudFix: http://www.bleepingcomputer.com/resources/link243.html

5. SpyBot Search and Destroy: http://www.spybotupdates.com/files/spybotsd162.exe

Also ensure you have the newest version of Java as some of the old ones have vulnerabilities.
Another thing to consider, if you don't already have one, is a third-party firewall, as Windows Firewall only blocks incoming traffic; if you are infected you want something like ZoneAlarm, which will block outgoing traffic also. Please ensure Windows Firewall is switched off if you install a third-party firewall (normally if you install ZoneAlarm, Windows Firewall will be automatically switched off, but better to check), as running more than one firewall at a time could cause them to conflict.

I hope this helps.

Regards,
Terry9999
conure170
Newbie
30. January 2010 @ 16:56
Thanks Terry 9999. I may give this a try as I have yet to receive a response to my posted Hijackthis log.
conure1701