Page 3 - homepage hijacked

That's a lot of Trojans! Let's try to clean them up first.

Turn System Restore off while we get you cleaned up:
Right-click My Computer > Properties > System Restore tab > check Turn off System Restore

Browse to this folder: C:\Documents and Settings\Jerry Bumbaugh\Local Settings\Temp\ and dump everything in it. Then empty your recycle bin immediately. Some items may not delete in normal mode. You can boot into Safe Mode (tap F8 while booting) and probably dump the rest of them.

Open up your Norton Antivirus and delete all items in quarantine.

Here's a list of trojan scanners. I suggest installing each of them and running them one at a time:

Trojan Remover
http://www.simplysup.com/tremover/download.html

Trojan Hunter
http://www.misec.net/trojanhunter/

DiamondCS TDS-3
http://tds.diamondcs.com.au/

GFI online Scan
http://www.trojanscan.com/

Sygate Trojan Scan
http://scan.sygatetech.com/pretrojanscan.html

After that, update Norton and do a full system scan.

I suggest doing the bitdefender online scan next.

If your scans start coming up clean, post a fresh HijackThis log.

Tom

Will do. Thanks again.

Your welcome... keep us posted!

I ran all the scanners and here is the latest Bitdefender scan...

Please let me know if you feel I did something wrong, or if you can determine that from this log.

My IE is working okay now, but obviously there are still trojan files in the system.

Thanks.


Memory ok
Master Boot Record 80 ok (Windows 95 B20 - Windows 98)
Partition Boot 1 (primary) ok (Unknown MBR/Boot Code)
Partition Boot 2 (primary) (active) ok (Windows NT 2000 NTFS)
C:\Q230903.exe=>(ASPack 1.08.04) infected: Trojan.Downloader.WinShow.A
C:\Q230903.exe=>(ASPack 1.08.04) unable to disinfect
C:\WINDOWS\appfg32.exe infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\appfg32.exe unable to disinfect
C:\WINDOWS\atbwig.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\atbwig.dat=>(Upx) unable to disinfect
C:\WINDOWS\atlhj32.exe=>(Upx) infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\atlhj32.exe=>(Upx) unable to disinfect
C:\WINDOWS\bjkqxn.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\bjkqxn.dat=>(Upx) unable to disinfect
C:\WINDOWS\bvighw.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\bvighw.dat unable to disinfect
C:\WINDOWS\chujcp.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\chujcp.dat unable to disinfect
C:\WINDOWS\cntdhr.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\cntdhr.dat unable to disinfect
C:\WINDOWS\edkzzy.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\edkzzy.dat=>(Upx) unable to disinfect
C:\WINDOWS\eylruy.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\eylruy.dat=>(Upx) unable to disinfect
C:\WINDOWS\fhzwwp.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\fhzwwp.dat unable to disinfect
C:\WINDOWS\gqiava.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\gqiava.dat unable to disinfect
C:\WINDOWS\iefzx.dll infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\iefzx.dll unable to disinfect
C:\WINDOWS\jplwbw.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\jplwbw.dat=>(Upx) unable to disinfect
C:\WINDOWS\jqztak.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\jqztak.dat unable to disinfect
C:\WINDOWS\kpiqdv.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\kpiqdv.dat=>(Upx) unable to disinfect
C:\WINDOWS\ktkqmr.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\ktkqmr.dat unable to disinfect
C:\WINDOWS\mecmzy.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\mecmzy.dat=>(Upx) unable to disinfect
C:\WINDOWS\nyqhhc.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\nyqhhc.dat unable to disinfect
C:\WINDOWS\n_avtyby.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_avtyby.dat unable to disinfect
C:\WINDOWS\n_btdeem.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_btdeem.dat unable to disinfect
C:\WINDOWS\n_iheazx.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_iheazx.dat unable to disinfect
C:\WINDOWS\n_lfmuyg.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_lfmuyg.dat unable to disinfect
C:\WINDOWS\n_mqwnlp.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_mqwnlp.dat unable to disinfect
C:\WINDOWS\n_oxitxc.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_oxitxc.dat unable to disinfect
C:\WINDOWS\n_pdbkft.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_pdbkft.dat unable to disinfect
C:\WINDOWS\n_ppwerd.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_ppwerd.dat unable to disinfect
C:\WINDOWS\n_rbthnc.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_rbthnc.dat unable to disinfect
C:\WINDOWS\n_rlouad.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_rlouad.dat unable to disinfect
C:\WINDOWS\n_temzxu.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_temzxu.dat unable to disinfect
C:\WINDOWS\n_uaikia.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_uaikia.dat unable to disinfect
C:\WINDOWS\n_zlorvu.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\n_zlorvu.dat unable to disinfect
C:\WINDOWS\ptofem.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\ptofem.dat unable to disinfect
C:\WINDOWS\pzczc.dll infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\pzczc.dll unable to disinfect
C:\WINDOWS\qtimdv.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\qtimdv.dat unable to disinfect
C:\WINDOWS\qtksgl.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\qtksgl.dat unable to disinfect
C:\WINDOWS\setiqc.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\setiqc.dat=>(Upx) unable to disinfect
C:\WINDOWS\SYSTEM32\hfblpg.dl$ infected: Trojan.StartPage.IS
C:\WINDOWS\SYSTEM32\hfblpg.dl$ unable to disinfect
C:\WINDOWS\SYSTEM32\ntgx.exe infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\SYSTEM32\ntgx.exe unable to disinfect
C:\WINDOWS\SYSTEM32\ntup32.dll=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\SYSTEM32\ntup32.dll=>(Upx) unable to disinfect
C:\WINDOWS\txhrhe.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\txhrhe.dat unable to disinfect
C:\WINDOWS\vrgefg.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\vrgefg.dat=>(Upx) unable to disinfect
C:\WINDOWS\wonulk.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\wonulk.dat unable to disinfect
C:\WINDOWS\wtxien.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\wtxien.dat=>(Upx) unable to disinfect
C:\WINDOWS\xuittk.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\xuittk.dat unable to disinfect
C:\WINDOWS\xyrvii.dat infected: Trojan.Downloader.Agent.AP
C:\WINDOWS\xyrvii.dat unable to disinfect
C:\WINDOWS\xzgqfq.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\xzgqfq.dat=>(Upx) unable to disinfect
C:\WINDOWS\ybbrco.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\ybbrco.dat=>(Upx) unable to disinfect
C:\WINDOWS\zltewe.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\zltewe.dat=>(Upx) unable to disinfect
C:\WINDOWS\zxtpor.dat=>(Upx) infected: Trojan.Downloader.Agent.Z
C:\WINDOWS\zxtpor.dat=>(Upx) unable to disinfect

Looks like you are getting there!

I suggest booting into Safe Mode (tap F6 while your computer first begins to boot) and manually deleting those uncleanable files.

Then boot normally and post a fresh HijackThis log.

Tom