Posted 27 September 2009 - 11:11 AM
The other day I ran an MBAM scan.
I noticed less than a week ago that another member of the household (who really should know better) had visited p--n sites. A few days after, the taskbar exploded with a whole bunch of programs. It was as if all of the system tray and background programs suddenly had active windows. (I thought I was just being butterfingers and had accidentally hit the wrong combo of keys. I have a special knack for that, especially since the left-side ctrl key sticks occasionally.)
But maybe it was something else...?
No other symptoms.
MBAM said I had a rootkit called TDSS. Specifically, it said:
Disabled.SecurityCenter (this was listed twice)
What I Have Done
I opened the windows security center and it appeared to be functioning normally, but I am learning that very little can be trusted if I truly have a rootkit on my system.
I visited bleepingcomputer to see what I should do. Printed guidelines.
I downloaded fresh copies of dds and rootrepeal and renamed them.
I pulled the cord on the internet and uninstalled several programs. Some were old security scanners which I feared were no longer trustworthy. Some were just old programs that I rarely used.
I also cleared out files in the temp folder (C:\Documents and Settings\Compaq_Owner\Local Settings\Temp) except IadHide5.dll which said it was in use.
I ran MBAM again and let it do its thing. Rebooted and ran it again. MBAM doesn't show anything anymore.
Ran DDS and RootRepeal and saved the logs.
Am I Infected?
OS: Windows XP, service pack 3
In January 2009, I received help here in removing Vundo.
I am keeping this computer disconnected from the internet, but I will receive immediate email notification on my phone.
Thanks in advance!