I need assistance removing browser hijacker and other malicious stuff please

Discussion in 'Windows - Virus and spyware problems' started by conure170, Jan 25, 2010.

  1. conure170

    conure170 Member

    Joined:
    Jan 25, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    Hello,
    I need assistance removing a browser hijacker and probably some other malicious stuff. Both Mozilla Firefox and IE are redirected to other sights when I do a search. They eventually stop working and I have to reinstall them to work for a while. Yesterday, I spent the day doing multiple full system scans of my laptop with McAfee (never detects anything), Malwarebytes Anti-Malware (detects a few items) and SUPERAntispyware (detects a few items). Upon rebooting the system something depleted my free space memory as well. I'm guessing it ate about 10 gigs or so.

    Today I followed the directions on your site:
    (1) Cleaned with ATF Cleaner
    (2) Scanned with Kapersky Webscanner (see attached logfile)
    (3) Updated Windows XP (IE)
    (4) Rebooted computer
    (5) Ran Hijack This (see attached logfile)

    Note I didn't use Spybot search and destroy. I used this one a couple months ago when I had this same problem and I ended up having to obtain a back-up disc and reload windows. I don't think I ever got rid of the problem and it just took a while to start causing problems again.

    Any help you can provide is greatly appreciated.
    Please see logfiles below for both Kapersky and Hijack this.

    If you need any further clarification, please let me know. Thank you.

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0: scan report
    Sunday, January 24, 2010
    Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
    Kaspersky Online Scanner version: 7.0.26.13
    Last database update: Sunday, January 24, 2010 17:17:27
    Records in database: 3365798
    --------------------------------------------------------------------------------

    Scan settings:
    scan using the following database: extended
    Scan archives: yes
    Scan e-mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\

    Scan statistics:
    Objects scanned: 256994
    Threats found: 3
    Infected objects found: 507
    Suspicious objects found: 0
    Scan duration: 07:22:34


    File name / Threat / Threats count
    C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR16.tmp Infected: Trojan.Win32.Qhost.lsc 1
    C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFRC.tmp Infected: Trojan.Win32.Qhost.lsc 1
    C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFRD.tmp Infected: Trojan.Win32.Qhost.lsc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCA1MTY87.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCA3AS7CY.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCA3Q78O0.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCANB2E0R.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCAPZAT0D.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCAST7OQU.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCAYNZ3MT.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\ppCAZB9U95.av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[10].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[11].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[1].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[2].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[3].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[4].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[5].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[6].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[7].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[8].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\14L7OBGO\pp[9].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1JEW67NK\pp[1].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1JEW67NK\pp[2].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1JEW67NK\pp[3].av Infected: Backdoor.Win32.Agent.ppc 1
    C:\WINDOWS\system32\drivers\OLD12D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD130.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD133.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD136.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD139.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD13C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD13F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD142.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD145.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD148.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD14B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD14E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD151.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD154.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD157.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD15A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD160.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD163.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD166.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD169.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD16C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD16F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD172.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD175.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD179.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD185.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD18E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD191.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD194.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD197.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD19A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD19D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1A0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1A3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1A6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1A9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1AC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1AF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1B2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1B5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1B8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1BB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1BE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1C1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1C4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1C7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1CA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1CD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1D0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1D3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1D6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1DC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1DF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1E2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1E5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1E8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1EB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1EE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1F1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1F4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1F7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1FA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD1FD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD200.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD203.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD206.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD209.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD20C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD20F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD212.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD215.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD218.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD21E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD221.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD224.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD227.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD22A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD22D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD230.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD233.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD236.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD239.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD23C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD23F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD242.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD245.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD248.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD24B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD24E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD251.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD254.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD257.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD25A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD25D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD260.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD263.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD266.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD269.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD26C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD26F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD272.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD275.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD278.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD27B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD27E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD281.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD284.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD287.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD28A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD28D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD290.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD293.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD296.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD299.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD29C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD29F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2A2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2A5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2A8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2AB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2AE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2B1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2B4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2B7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2BA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2BD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2C0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2C3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2C6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2C9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2CC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2CF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2D2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2D5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2D8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2DB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2DE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2E1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2E4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2E7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2EA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2ED.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2F0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2F3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2F6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2F9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2FC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD2FF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD302.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD305.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD308.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD30B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD311.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD314.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD317.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD31A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD31D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD320.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD323.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD326.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD329.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD32C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD32F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD332.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD335.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD338.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD33B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD33E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD341.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD344.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD34A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD34D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD350.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD353.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD356.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD359.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD35C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD35F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD362.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD365.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD368.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD36B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD36E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD371.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD379.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD387.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD38A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD38D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD394.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD397.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD39A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD39D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3A2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3A5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3A8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3AB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3AE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3B1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3B4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3B7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3BA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3BD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3C0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3C3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3C6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3C9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3CF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3D2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3D5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3D8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3DB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3DE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3E1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3E4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3E7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3EA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3ED.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3F0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3F3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3F6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3F9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3FC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD3FF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD402.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD405.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD408.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD40B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD40E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD411.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD414.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD417.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD41A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD41D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD420.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD423.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD426.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD429.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD42C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD42F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD432.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD435.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD438.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD43B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD43E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD441.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD444.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD447.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD44A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD44D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD450.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD453.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD456.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD459.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD45C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD45F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD462.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD465.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD468.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD46B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD46E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD471.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD474.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD477.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD47A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD47D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD480.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD483.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD489.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD48C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD48F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD492.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD495.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD498.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD49B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD49E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4A1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4A4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4A7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4AA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4B2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4B6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4BA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4BD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4C0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4C3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4C6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4C9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4CC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4CF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4D2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4D5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4D8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4DB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4DE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4E1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4E4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4E7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4EA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4ED.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4F0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4F3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4F6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4F9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4FC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD4FF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD503.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD506.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD509.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD50C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD510.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD513.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD517.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD51A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD51D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD520.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD526.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD529.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD52C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD52F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD532.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD535.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD538.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD53B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD53E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD541.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD544.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD547.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD54A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD54D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD550.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD553.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD556.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD559.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD55C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD55F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD562.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD565.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD568.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD56B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD56E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD571.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD574.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD577.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD57A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD57D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD580.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD583.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD586.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD589.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD58C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD58F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD592.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD596.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD599.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD59C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD59F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5A2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5A5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5A8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5B1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5B4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5B7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5BA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5BD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5C0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5C3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5C7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5CD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5D3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5D7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5DA.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5E0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5E6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5F0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5F3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5F6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD5FC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD608.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD60B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD60E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD611.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD614.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD617.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD61A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD61D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD620.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD623.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD626.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD629.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD62C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD62F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD632.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD635.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD638.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD63B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD63E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD641.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD644.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD647.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD64A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD64D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD650.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD653.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD656.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD659.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD65C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD662.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD665.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD66B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD674.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD67A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD683.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD689.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD68F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD695.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD69B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD69E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6A4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6A7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6AD.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6B3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6BC.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6C2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6C8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6CE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6D1.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6E0.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6E6.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6EF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6F2.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6F5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6F8.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6FB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD6FE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD701.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD704.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD707.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD70A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD70D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD710.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD713.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD716.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD719.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD71C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD71F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD722.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD725.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD728.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD72B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD72E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD731.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD737.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD73A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD73D.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD740.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD743.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD746.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD749.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD74C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD74F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD752.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD755.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD75B.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD764.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD76A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD770.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD776.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD77C.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD77F.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD788.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD78E.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD794.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD79A.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7A3.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7A9.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7AF.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7B5.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7BB.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7BE.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7C4.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7C7.tmp Infected: Rootkit.Win32.TDSS.y 1
    C:\WINDOWS\system32\drivers\OLD7D0.tmp Infected: Rootkit.Win32.TDSS.y 1

    Selected area has been scanned.
     
    conure170, Jan 25, 2010
    #1
  2. conure170

    conure170 Member

    Joined:
    Jan 25, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    ...and here is my HijackThis logfile!
    Thanks again!


    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 12:50:58 AM, on 1/25/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\McShield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [services] C:\WINDOWS\services.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1173586342171
    O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Closet Control) - http://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\ cqauez.dll C:\WINDOWS\system32\jefiyuna.dll c:\windows\system32\zeveluhe.dll c:\windows\system32\hahomehe.dll,C:\WINDOWS\system32\beregigi.dll,gigivada.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: McAfee Application Installer Cleanup (0200331262027675) (0200331262027675mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\020033~1.EXE (file missing)
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\McShield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 12170 bytes
     
    conure170, Jan 25, 2010
    #2
  3. conure170

    conure170 Member

    Joined:
    Jan 25, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    Anyone have any ideas?
    Thank you in advance.
    conure1701
     
    conure170, Jan 27, 2010
    #3
  4. terry9999

    terry9999 Member

    Joined:
    Jan 4, 2010
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    16
    Hi, Unfortunatley I don't know how to read the logs but I think I can help if you have Malware. The programs I have listed will preform very detailed scanns and are very good.

    If the below programs do not load change their .exe file name (not the shortcut)to something like iexplorer.exe and they will work fine.

    I was instructed by my companys IT support company to perform the following steps 3 or 4 times and my PC is now fine. If you are redirected when clicking on the below links copy and paste them into you browser.

    Most effective in the following order:
    1. Malware bytes: http://www.malwarebytes.org/mbam-download.php

    2. ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    3. SDFix: http://www.bleepingcomputer.com/files/sdfix.php

    4. SmitfraudFix: http://www.bleepingcomputer.com/resources/link243.html

    5. SpyBot Search and Destroy: http://www.spybotupdates.com/files/spybotsd162.exe

    Also ensure you have the newest version of java as some of the old one's have vulnerabilities.
    Other things to consider if you don’t already have them is a third part firewall, as windows firewall only block incoming traffic, if you are infected you want something like ZoneAlarm which will block outgoing traffic also. Please ensure Windows Firewall is switched off if you install a third party firewall (normally if you intsall zoneAlarm windows firewall will be automaticaly switched off but better to check) as running more than one firewall at a time could cause them to conflict.

    I hope this helps.

    Regards,
    Terry9999
     
    terry9999, Jan 27, 2010
    #4
  5. conure170

    conure170 Member

    Joined:
    Jan 25, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    Thanks Terry 9999. I may give this a try as I have yet to receive a response to my posted Hijackthis log.
    conure1701
     
    conure170, Jan 30, 2010
    #5

Share This Page