Yes....
LSP: mswsock.dll <-----from your DDS log...this points to that infection.
So read this over:
Your computer is infected with a nasty rootkit. Please read the following information first.
You're infected with
Rootkit.ZeroAccess, a BackDoor Trojan.
BACKDOOR WARNING
------------------------------
One or more of the identified infections is known to use a backdoor.
This allows hackers to remotely control your computer, steal critical system information and download and execute files.
I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
http://www.dslreports.com/faq/10451
When Should I Format, How Should I Reinstall
http://www.dslreports.com/faq/10063
I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards and......
- There's a possibility that you'll lose your internet connections which I may not be able to correct and will require a repair install.
- There's also a possibility that during the cleaning procedure the computer will become unusable (won't boot) which will result in a repair install or complete format and install.
- I strongly suggest you back up all of the important items on the system before we continue.
Please let me know you have read this and agree to it.
Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.
-----------------------------------
Please make sure system restore is running and create a new restore point before continuing.
Please download and run
TDSSKiller to your desktop as outlined below:
Doubleclick on
TDSSKiller.exe to run the application, then click on Change parameters.
-------------------------
Check the boxes beside
Verify Driver Digital Signature and
Detect TDLFS file system, then click
OK.
------------------------
Click the
Start Scan button.
-----------------------
If a suspicious object is detected, the default action will be
Skip, click on
Continue
If you get the warning about a file
UnsignedFile.Multi.Generic or
LockedFile.Multi.Generic please choose
Skip and click on
Continue
Any entries like this:
\Device\Harddisk0\DR0 ( TDSS File System ) - please choose
delete.
----------------------
If
malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure
Cure is selected, then click
Continue => Reboot now to finish the cleaning process.
Note: If
Cure is not available, please choose
Skip instead,
do not choose Delete unless instructed.
--------------------
A report will be created in your root directory, (usually C:\ folder) in the form of
"TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
MrC
Sign In
Create Account
1
This topic is locked
Attach.txt 2.58MB
4 downloads
Back to top
