|
Multiple infections
Unfortunately, I had tried to battle these infections on my own before finding this place. As the result, HJT logs might not accurately reflect what had really happened.
I noticed recurring Logo_1.exe and rundl132.exe under C:\WINDOWS\ and C:\WINDOWS\uninstall\, respectively, as well as recurring WOW.exe, SERVICES.exe, LSASS.exe, and ?sy.exe (0sy.exe, 1sy.exe, 2sy.exe ... 10sy.exe, etc.) under C:\Program Files\Internet Explorer\. AVG Anti-Spyware showed reports of Trojan.Nilage.ara and Trojan.OnLineGames.es (I don't play on-line games), amongst other names that I can no longer remember (sorry). Since some of the aforementioned files seem to help propagate and/or download other trojans, I have created some folders with the same names with locked-up permissions to prevent recreation of these files.
I am running Windows XP Media Center Edition with SP2. This is a legitimate copy, so I should be able to receive the updates, but I can't... Otherwise I have followed the five steps very closely. I'll post the logs on my subsequent posts.
Thank you so much in advance, I've been working without sleep on this for the past 30 h...
|