conkling86
redirect from yahoo search
conkling86 replied to conkling86's topic in Resolved Malware Removal Logs
have found other help thanks anyways -
redirect from yahoo search
conkling86 replied to conkling86's topic in Resolved Malware Removal Logs
Is there anything I can do to fix this? I posted this several days ago with no reply??? -
attached are the malwarebytes, DDS/GMER

Malwarebytes' Anti-Malware 1.44
Database version: 3601
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/21/2010 8:54:39 PM
mbam-log-2010-01-21 (20-54-39).txt

Scan type: Quick Scan
Objects scanned: 116016
Time elapsed: 11 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)
-
redirected from yahoo searches
conkling86 replied to conkling86's topic in Resolved Malware Removal Logs
any ideas would be greatly appreciated -
Hello, when I enter a search term into a search engine I am redirected to various sites. I have downloaded Malwarebytes and have removed the results it showed and restarted my computer, but am still having the same problems. Any suggestions? I have also included the Malwarebytes log. Thanks

Malwarebytes' Anti-Malware 1.44
Database version: 3600
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/19/2010 4:15:39 PM
mbam-log-2010-01-19 (16-15-39).txt

Scan type: Quick Scan
Objects scanned: 115956
Time elapsed: 12 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{df058c45-cd18-453e-8745-5a77f60722ab} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5a33c35-7298-4d15-8753-a2e851e2eab3} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f0d2b812-752d-4af1-a2fb-968c4d8446db} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e856b973-45fd-4559-8f82-eab539144667} (Adware.Gdown) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\GTDownDE_87.ocx (Adware.Gdown) -> Quarantined and deleted successfully.