dreamr Posted September 6, 2010 ID:310310 Share Posted September 6, 2010 Test Link to post Share on other sites More sharing options...
dreamr Posted September 6, 2010 Author ID:310315 Share Posted September 6, 2010 I could really use help, but for some reason, it will not let me post any logs or anything. The "test" topic went through, obviously, but every time I try to include logs or attach the .zip file...nothing happens. If you would, please delete this thread and I'll try again. *sigh* Link to post Share on other sites More sharing options...
dreamr Posted September 6, 2010 Author ID:310316 Share Posted September 6, 2010 It wouldn't let me post, hence the "test" topic. Then I discovered I can't edit that post...I'm sorry about that. :/Hey there,I am having a bit of trouble with my computer. I clicked on a google search link a day and a half ago and got the "this site may harm your computer" screen. I tried backing out of it, but apparently, it was too late. All kinds of different popups started popping up. Security Suite among others. I seem to have removed that one, but my computer is still having problems. Namely, there seems to be an svchost.exe file that is taking up all of my RAM when viewing the task manager.I've scanned with MalwareBytes several times and supposedly cured the infection...but upon reboot, it's back. I've scanned with MalwareBytes, Spybot S&D, Dr. CureIt, and I've also ran CCleaner. So far, nothing seems to have actually cleaned it for good, so I really could use some help.Also, Chrome gives an error when I try to open it ("application failed to initialize properly" 0xc0000022). I'm using FireFox right now, which at least lets me get online, but after about 2-3 minutes of having it open, a new tab opens automatically and goes to a random website. Also, I've noticed that if I do a google search and click on a search result, it usually redirects to a random website instead of going to the actual link location.I've followed the guide stickied in this forum, so I'm really hoping that someone here can help me out. Thanks for looking. DDS.txt:DDS (Ver_10-03-17.01) - NTFSx86 MINIMAL Run by Owner at 15:39:32.15 on Mon 09/06/2010Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_18Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.759.616 [GMT -4:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcsC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\Softex\OmniPass\OPXPApp.exeC:\WINDOWS\Explorer.EXEC:\Documents and Settings\Owner\Desktop\dds.scr============== Pseudo HJT Report ===============uStart Page = hxxp://www.google.com/uSearch Page = hxxp://srch-qus8.hpwis.com/uDefault_Page_URL = hxxp://qus8.hpwis.com/uDefault_Search_URL = hxxp://srch-qus8.hpwis.com/uSearch Bar = hxxp://srch-qus8.hpwis.com/mDefault_Page_URL = hxxp://qus8.hpwis.com/mDefault_Search_URL = hxxp://srch-qus8.hpwis.com/mSearch Page = hxxp://srch-qus8.hpwis.com/mStart Page = hxxp://qus8.hpwis.com/mSearch Bar = hxxp://srch-qus8.hpwis.com/uInternet Connection Wizard,ShellNext = hxxp://www.avg.com/platformsuInternet Settings,ProxyOverride = <local>uInternet Settings,ProxyServer = http=127.0.0.1:6092BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\common\ycomp5,1,1,0.dllBHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocxBHO: {243b17de-77c7-46bf-b94b-0b5f309a0e64} - c:\program files\microsoft money\system\mnyside.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realone player\rpbrowserrecordplugin.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllBHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No FileTB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\common\ycomp5,1,1,0.dllEB: {32683183-48a0-441b-a342-7c2a440a9478} - No FileuRun: [NVIEW] rundll32.exe nview.dll,nViewLoadHookuRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgroundmRun: [hpsysdrv] c:\windows\system\hpsysdrv.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [KBD] c:\hp\kbd\KBD.EXEmRun: [Recguard] c:\windows\sminst\RECGUARD.EXEmRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartupmRun: [AlcxMonitor] ALCXMNTR.EXEmRun: [PS2] c:\windows\system32\ps2.exemRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exemRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNCmRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNCmRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMENamemRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscriptStartupFolder: c:\docume~1\owner\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllIE: {E023F504-0C5A-4750-A1E7-Ascans.rar Link to post Share on other sites More sharing options...
dreamr Posted September 6, 2010 Author ID:310320 Share Posted September 6, 2010 I'm really sorry about all the threads! I got a "connection reset" error every time I tried to post and when I would refresh the forum, none of them were there. Until now. *sigh*I really hope someone can help.Please delete all of the extra threads, including this one. Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 9, 2010 ID:311357 Share Posted September 9, 2010 You have been helped by JSntgRvr in topic http://forums.malwarebytes.org/index.php?showtopic=62157This topic is now closed. Link to post Share on other sites More sharing options...
Recommended Posts