
redirect malware w/ logs (txt) files incl



Dear all,

Thanks for the help and being here.

My machine has a redirect virus of some kind that has not been caught by my various AV etc.

Here are the details:

Running avast and adaware realtime, as well as mcafee security scan (free) that I can turn off that mostly wants to sell me software. Also running the following as ad hoc / as needed: hjt, spybot, malwarebytes and, since this time I followed the instructions, ssa, gmer, defogger.

It redirects ie, causes addl ie windows to open, redirects firefox and causes chrome to crash.

In the requested order, here are the scans:

dds*************

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 14:51 on 25/08/2010 (Dean Slack)

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

dds attach********

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 8/1/2010 8:27:51 PM

System Uptime: 8/25/2010 2:53:14 PM (0 hours ago)

Motherboard: Dell Inc. | | 0D201R

Processor: Intel Pentium III Xeon processor | Microprocessor | 2393/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 233 GiB total, 166.115 GiB free.

D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Intel® WiFi Link 5100 AGN

Device ID: PCI\VEN_8086&DEV_4232&SUBSYS_13218086&REV_00\4&1CD20F91&0&00E1

Manufacturer: Intel Corporation

Name: Intel® WiFi Link 5100 AGN

PNP Device ID: PCI\VEN_8086&DEV_4232&SUBSYS_13218086&REV_00\4&1CD20F91&0&00E1

Service: NETw5x32

==== System Restore Points ===================

RP1: 8/1/2010 8:48:25 PM - System Checkpoint

RP2: 8/2/2010 7:05:52 AM - Unsigned driver install

RP3: 8/2/2010 7:17:03 AM - Removed WeatherBug

RP4: 8/2/2010 10:08:45 AM - Software Distribution Service 3.0

RP5: 8/2/2010 10:47:26 AM - Removed CinemaNow Media Manager.

RP6: 8/2/2010 12:42:49 PM - Installed WeatherBug

RP7: 8/2/2010 1:42:16 PM - avast! Free Antivirus Setup

RP8: 8/2/2010 4:53:24 PM - post windows reinstall repair

RP9: 8/2/2010 5:59:17 PM - Software Distribution Service 3.0

RP10: 8/3/2010 2:43:03 PM - Installed Java 6 Update 21

RP11: 8/3/2010 2:54:16 PM - Removed MSN Toolbar

RP12: 8/3/2010 2:54:28 PM - Removed Microsoft Default Manager

RP13: 8/5/2010 1:50:47 PM - System Checkpoint

RP14: 8/10/2010 1:28:43 PM - post glary pre legal

RP15: 8/11/2010 9:40:35 AM - Software Distribution Service 3.0

RP16: 8/11/2010 11:11:21 AM - Installed StyleWriter 4

RP17: 8/12/2010 2:24:59 PM - System Checkpoint

RP18: 8/13/2010 3:00:34 PM - System Checkpoint

RP19: 8/18/2010 11:29:17 AM - Installed StyleWriter 4

RP20: 8/18/2010 3:31:38 PM - Installed Windows Media Player 11

RP21: 8/19/2010 2:49:39 PM - pre

RP22: 8/24/2010 6:26:21 PM - Removed Bonjour

RP23: 8/24/2010 6:26:42 PM - Removed Boingo Wi-Fi

RP24: 8/25/2010 10:56:30 AM - post combofix

==== Installed Programs ======================


Moderator comments !!

STOP creating new topics! You already have another topic here --> http://forums.malwarebytes.org/index.php?showtopic=61267

which looks like it is on the same system.

STOP running special tools like Combofix on your own. You are risking turning your system into a brick.

Tell me whether you want to keep this topic OR the other one :)

I will not be able to handle your case --- I have enough on my plate. You will have to be patient and wait for another helper to respond.

I will delete my post here, after you advise which of 2 topics you want to keep.

Be considerate as the forum is super busy, always, and you need to wait your turn.

By the way, the next thing you need to do is to de-install uTorrent and any other "torrent" or file-sharing app.


Please keep this one.

It follows the instructions you sent me.

And no, per your instructions, I did not run CF again.

Please delete the other post. In it, it refers to this one.

This one has the logs requested in the instructions.

And yes, I will next remove utor.. etc. while waiting my turn.

Thank you. I'm sorry if I didn't do things right. das_fmr@msn.com

This topic is now closed to further replies.