HAMDJM

  1. Here is the Malwarebytes log. How does it look? mbam_log_2010_05_20__21_53_34_.txt
  2. OK I finished running Combofix and the log is attached. How does it look? log.txt
  3. I previously had a virus which, after following the instructions on your website http://forums.malwarebytes.org/index.php?showtopic=9573, I appear to have gotten rid of. However, whenever I use Google and go to access a search site I am redirected to another site. Can you help? Here is the DDS.txt. The other attachments are below.

     DDS (Ver_10-03-17.01) - NTFSx86
     Run by HAMDJM at 21:01:34.31 on Sun 05/16/2010
     Internet Explorer: 7.0.5730.13
     Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1496 [GMT -3:00]
     AV: avast! antivirus 4.8.1368 [VPS 100516-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

     ============== Running Processes ===============

     C:\WINDOWS\system32\svchost -k DcomLaunch
     svchost.exe
     C:\WINDOWS\System32\svchost.exe -k netsvcs
     svchost.exe
     svchost.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\igfxpers.exe
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
     C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
     C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
     C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
     C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
     C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
     C:\Program Files\Logitech\SetPoint\SetPoint.exe
     C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
     svchost.exe
     C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\Program Files\Java\jre6\bin\jqs.exe
     C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
     C:\WINDOWS\system32\HPZipm12.exe
     C:\Program Files\CyberLink\Shared Files\RichVideo.exe
     C:\WINDOWS\system32\svchost.exe -k imgsvc
     C:\WINDOWS\system32\wuauclt.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\WINDOWS\System32\svchost.exe -k HTTPFilter
     C:\Documents and Settings\HAMDJM\Desktop\dds.scr

     ============== Pseudo HJT Report ===============

     uStart Page = hxxp://www.google.ca/
     uInternet Settings,ProxyServer = http=127.0.0.1:5555
     uInternet Settings,ProxyOverride = <local>;*.local
     BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
     BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
     uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
     mRun: [igfxTray] c:\windows\system32\igfxtray.exe
     mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
     mRun: [Persistence] c:\windows\system32\igfxpers.exe
     mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
     mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
     mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
     mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
     mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
     mRun: [LVCOMSX] "c:\program files\common files\logishrd\lcommgr\LVComSX.exe"
     mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
     mRun: [<NO NAME>]
     mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
     mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
     mRun: [eBook Library Launcher] c:\program files\sony\reader\data\bin\launcher\Reader Library Launcher.exe
     mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
     mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
     StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
     StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
     StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
     IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
     IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
     DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
     DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://portal2.canaccord.com/+CSCOL+/relayp.cab
     DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242680930812
     DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} - hxxps://portal2.canaccord.com/CACHE/sdesktop/install/binaries/instweb.cab
     DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
     DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1242774551061&h=fca5f5063b1a23a142b4bda5d3381ba7/&filename=jinstall-6u13-windows-i586-jc.cab
     DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
     DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
     DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
     DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
     Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
     Notify: igfxcui - igfxdev.dll
     Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
     SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

     ============= SERVICES / DRIVERS ===============

     R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-5-8 114768]
     R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-5-8 20560]
     R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-5-8 138680]
     R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-5-8 254040]
     R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-5-8 352920]

     =============== Created Last 30 ================

     2010-05-16 23:57:22 0 ----a-w- c:\documents and settings\hamdjm\defogger_reenable
     2010-05-12 06:02:34 174 ----a-w- c:\windows\system32\MRT.INI
     2010-05-05 08:44:22 0 d-----w- c:\windows\system32\wbem\Repository
     2010-05-02 15:28:48 0 d-----w- c:\program files\iPod
     2010-05-02 15:28:39 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
     2010-05-02 15:28:38 0 d-----w- c:\program files\iTunes
     2010-05-02 15:19:21 0 d-----w- c:\program files\Bonjour

     ==================== Find3M ====================

     2010-05-16 20:25:08 1768 ----a-w- c:\windows\EntPack.dat
     2010-04-29 18:39:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
     2010-04-29 18:39:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
     2010-04-16 11:33:36 41472 ----a-w- c:\windows\system32\drivers\usbaapl.sys
     2010-04-16 11:33:36 3003680 ----a-w- c:\windows\system32\usbaaplrc.dll
     2010-04-08 16:20:02 91424 ----a-w- c:\windows\system32\dnssd.dll
     2010-04-08 16:20:02 107808 ----a-w- c:\windows\system32\dns-sd.exe
     2010-04-07 21:41:48 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
     2010-04-05 16:22:26 65688 ----a-w- c:\docume~1\hamdjm\applic~1\GDIPFONTCACHEV1.DAT
     2010-03-11 12:38:54 832512 ----a-w- c:\windows\system32\wininet.dll
     2010-03-11 12:38:52 78336 ----a-w- c:\windows\system32\ieencode.dll
     2010-03-11 12:38:51 17408 ----a-w- c:\windows\system32\corpol.dll
     2010-03-09 11:09:18 430080 ----a-w- c:\windows\system32\vbscript.dll
     2010-02-17 12:10:28 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
     2010-02-16 13:25:04 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe

     ============= FINISH: 21:02:39.96 ===============

     Attach.zip
     mbam_log_2010_05_16__19_50_28_.txt