It seems the same thing happened to me guys. By the way, I have SSD version 1.5.2.
Today I'm surfing the net when up popped a firewall warning alerting me to a request to hijack my internet connection by a file called wjqs.exe or something similar. Of course I say deny. Next comes a SSD pop up asking me to verify the following change:
value "BootExecute" (new data: "autocheck autochk * ") changed in Session manager!
I have no clue what that is so I deny.
Next I notice my Internet pages taking longer loading. So I open Adaware to scan my system but it say Adaware can't connect to the server!!
Next I attempt to open SSD but it flashes quickly and disappears!! I try to Google these variants and when I click the Google results I am redirected to spyware sites!!
Notice I never try to install SSD 1.6.
So I install Malwarebytes and I reboot the computer to go into Safemode but guess what happens? My computer won't boot into safe mode!! It reboots normally but just hangs at the XP login screen after I input my password!!
After many attempts to log into safe mode, I finally get in and I choose Last Known Good Configuration.
Then I reboot normally and run Malwarebytes. Below is what it finds on my PC:
- Two registry keys infected with tdssdata (Trojan.Agent)
- Four dll files infected with Trojan.TDSS
- One driver infected with Trojan.TDSS
- Two temp files infected with Trojan.FakeAlert
- One dll file infected with Rootkit.Agent
- and various other files infected with downloader trojans!!
Once these were cleaned from my system I was able to open and run SSD successfully!