Answers to your tech questions
Computer forums for help with removing malicious software (malware) and improving computer security

> [Closed] Another AntivirusXP Victim/Browser Hijacked, Browser affected by malware
mrfronty
post Sep 2 2008, 07:01 AM
Post #1


New Member

Group: New Member
Posts: 4
Joined: 2-September 08
Member No.: 81,331
Operating System: Windows XP



Like a lot of others here I got the AntivirusXP 2008 bug. I was able to restore my display tabs and change my desktop. Thought I had deleted the bug as it stopped sending pop ups and such. However my IE7 browser has been affected. Any searches in Yahoo, Google, etc, are all redirected to ad sites. Half the pages refuse to load at all. They all appear to go through an IP owned by "Conepuppy". Also after 20 or so minutes the browser stops working altogether and the only way to use it again is to reboot the system. All system restore points are gone. Ran AVG, McAfee, AdWare and a few others but nothing is being detected. Tried downloading a few other spyware programs but none will download properly or operate. Receive a message stating that they are not valid SYSTEM32 files. Right now nothing else on my system seems to be affected except the browser. Can someone please tell me what I'm missing? I can run a HijackThis scan if wanted.
mrfronty
post Sep 3 2008, 11:54 AM
Post #2


New Member

Group: New Member
Posts: 4
Joined: 2-September 08
Member No.: 81,331
Operating System: Windows XP



Not sure what I did wrong here. I'm just trying to get some help solving this.
jpshortstuff
post Sep 4 2008, 03:08 AM
Post #3


SuperMember

Group: Malware Team
Posts: 2,209
Joined: 28-April 07
From: UK
Member No.: 69,799
Operating System: Windows XP Media Center/Ubuntu Linux



Hi, and Welcome to WhatTheTech

My name is jpshortstuff. I would be glad to take a look at your log and help you with solving any malware problems. HijackThis logs can take a while to research, so please be patient and I'd be grateful if you would note the following:
  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

As I am still training, my posts to you will be checked by an Expert member. This will ensure that all advice and instructions I give you are accurate and safe. This may mean that my replies may take a little longer.

Please download HijackThis version 2.0.2 and save the file to your desktop. Double click the Hijackthis icon on your desktop and hit Do a System Scan and Save a Logfile and then copy and paste the log into a new reply, using the Add Reply button.

Thanks,

jpshortstuff
mrfronty
post Sep 4 2008, 12:18 PM
Post #4


New Member

Group: New Member
Posts: 4
Joined: 2-September 08
Member No.: 81,331
Operating System: Windows XP



I thank you for your help. I resolved it last night. Actually the AntivirusXP was removed, however that wasn't what was causing the problems. Found a trojan called TDSSServ.sys. It was embedded in the System32 folder. Couldn't delete in safe mode. Had to download a program and force a delete of it. Again, thank you for your response.
jpshortstuff
post Sep 5 2008, 12:58 AM
Post #5


SuperMember

Group: Malware Team
Posts: 2,209
Joined: 28-April 07
From: UK
Member No.: 69,799
Operating System: Windows XP Media Center/Ubuntu Linux



Hi there.

I notice you named a file that was bad, and I recognized this file as a Rootkit. Read about it here:
http://www.bleepingcomputer.com/startups/t....sys-23624.html

This is quite a nasty infection. If you want me to check your computer for any more signs of malware, then I would be more than happy to do so. If you are happy that your computer is back to its usual performance then please let me know and we can close this thread.

Thanks.
LDTate
post Sep 10 2008, 05:46 AM
Post #6


Forum God

Group: Root Admin
Posts: 40,566
Joined: 23-September 04
From: Missouri, USA
Member No.: 15,276




Due to inactivity this topic will be closed.
If you need help please start a new thread and post a new HJT log