
Persistent Malware T___T



#1
Milosz006

    New Member

  • Member
  • 2 posts
This particular virus spawns 2 files on my desktop, "Help and Support Center" and "Windows Update", which both point to StorageProtector.com. My C:\ continually fills up with a billion "POSxx" TMP files. My C:\Documents and Settings\NAME\Local Settings\Temporary Internet Files\ folder has regenerating files which also point to StorageProtector.com. Neither HJT nor Ewido Anti-Spyware has permanently or temporarily fixed this problem. Ewido won't let me shred any of the files since they are in use, and HJT won't let me select files in my Temp internet files directory. Thank you in advance for any help. :)

EDIT: Also, I can't remember how I got this error but it included "/e,/idlist,:620:1388", which is how I found this forum. :)

HiJack This log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:51:42 PM, on 3/2/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ewido Anti-Spyware 4.0\guard.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Trillian\trillian.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Ewido Anti-Spyware 4.0\ewido.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Install Files\HiJackThis(2).exe

O2 - BHO: (no name) - {701F271D-DD1D-4420-80D9-CFC27D4F83F2} - C:\WINDOWS\System32\ssttt.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\qnpcrilx.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\Ewido Anti-Spyware 4.0\ewido.exe" /minimized
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O20 - Winlogon Notify: kcrsicmd - C:\WINDOWS\SYSTEM32\kcrsicmd.dll
O20 - Winlogon Notify: qnpcrilx - C:\WINDOWS\SYSTEM32\qnpcrilx.dll
O20 - Winlogon Notify: __c009B9A4 - C:\WINDOWS\SYSTEM32\__c009B9A4.dat
O20 - Winlogon Notify: __c00C07D9 - C:\WINDOWS\SYSTEM32\__c00C07D9.dat
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\Ewido Anti-Spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\System32\windows

--
End of file - 2273 bytes

HiJack This UnInstall list:
7-Zip 4.52 beta
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Stock Photos 1.0
Ahead Nero Burning ROM
AOL Instant Messenger (SM)
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
ATI HydraVision
AutoHotkey 1.0.47.04
BitComet 0.70
CCleaner (remove only)
CDisplay 1.8
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Download Accelerator Plus
DVD Decrypter (Remove Only)
DVD Region+CSS Free 5.9.8.5
DVD Shrink 3.2
ewido anti-spyware 4.0
FLAC Installer 1.1.2a (remove only)
GoldWave v5.22
Hamachi 1.0.2.3
HijackThis 2.0.2
J2SE Development Kit 5.0 Update 13
J2SE Runtime Environment 5.0 Update 13
Magic Online
Magic Workstation 0.94f
Microsoft .NET Framework 2.0
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Movavi VideoSuite 5
Mozilla Firefox (2.0.0.12)
NetBeans IDE 5.5.1
NetBeans Mobility Pack 5.5.1
PeerGuardian 2.0
QuickTime Alternative 1.81
Sony DVD Architect 4.0b
Steam
Team Fortress 2
TigerGame XBOX+PS2+GC Game Controller Adapter
Trillian
UltraMon
Ventrilo Client
VideoLAN VLC media player 0.8.6c
Winamp (remove only)
Windows Installer 3.1 (KB893803)
World of Warcraft
ZoneAlarm

Edited by Milosz006, 01 March 2008 - 06:03 PM.



#2
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello Milosz006

Welcome to G2Go. :)
=====================

We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft...p1/default.mspx
Apply the update, reboot, and post a fresh Hijack This log

#3
Milosz006

    New Member

  • Topic Starter
  • Member
  • 2 posts

> Hello Milosz006
>
> Welcome to G2Go. :)
> =====================
>
> We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
> Click here: http://www.microsoft...p1/default.mspx
> Apply the update, reboot, and post a fresh Hijack This log



Is there any way I can fix this problem without updating? I actually make it a point to not update XP. :) I've never had a virus that I couldn't wipe without updating.

#4
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Updates help prevent this. I will need you to apply the update or I will not be able to help you.