
Some sort of malware


DMin

I have no idea what is really going on, but starting 2-3 days ago I started to get Google redirections and svchost.exe took up massive amounts of CPU, so I used Malwarebytes and AVG. Those two deleted a ton of viruses and svchost.exe stopped acting up, but yesterday Malwarebytes started to block a lot of IPs (by a lot I mean the little bubble never stopped popping up). I really have no idea what's up so I decided to get some help.

DDS (Ver_10-12-12.02) - NTFSx86

Run by Administrator at 21:50:56.70 on Mon 02/07/2011

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1041 [GMT -5:00]

AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: AVG Firewall *Enabled*


Er, I'm REALLY sorry about all those topics. When I clicked to create the post it said connection to server timed out and I thought it didn't work. I hope you guys don't think of me as some spamming douche.


:)

Please don't attach the scan results; use Copy/Paste.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them.

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
