
Scans stopping!



I'm infected with something that keeps redirecting my internet to fake search sites and displaying fake security alerts... the Defogger tool does not ask me to reboot after it runs; the Malwarebytes scan abruptly stops after less than a minute of scanning; the GMER window appears with a "not responding" symbol in the top left and vanishes just as quickly - no GMER log is available. Attached are the Defogger and Malwarebytes logs as well as both DDS logs.

I'm not exactly your typical IT wiz; I'm just trying to get this...whatever it is...off of my desktop. Tell me if I'm doing anything wrong.

-------------------------------------------------------------------------------

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 15:25 on 13/10/2011 (Administrator)

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

-------------------------------------------------------------------------------

(mbamprotection-log-2011-10-13)

00:49:14 Administrator MESSAGE IP Protection stopped

00:49:15 Administrator MESSAGE Scheduled update executed successfully

00:50:32 Administrator MESSAGE Database updated successfully

00:50:41 Administrator MESSAGE IP Protection started successfully

16:20:43 (null) MESSAGE Protection started successfully

16:21:33 Administrator MESSAGE IP Protection started successfully

-------------------------------------------------------------------------------

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Administrator at 0:06:31 on 2011-10-12

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.72 [GMT -4:00]

.

AV: Total Protection *Disabled/Outdated* {8C354827-2F54-4E28-90DC-AD391E77808C}

FW: Total Protection *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\3203397148:3809022017.exe

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE

C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

C:\WINDOWS\system32\igfxtray.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\SiteAdvisor\6173\SiteAdv.exe

C:\WINDOWS\SMINST\Scheduler.exe

C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\PDF Complete\pdfsvc.exe

C:\Program Files\My Essentials\USB ME1001-USB\Wireless Utility\O-Maxwcui.exe

C:\Program Files\SiteAdvisor\6173\SAService.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=all&pf=cmdt

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

uWinlogon: Shell=c:\documents and settings\administrator\local settings\application data\1cf6efbe\X

BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6173\SiteAdv.dll

BHO: SafeOnline BHO: {69d72956-317c-44bd-b369-8e44d4ef9801} - c:\windows\system32\PxSecure.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6173\SiteAdv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [PDF Complete] c:\program files\pdf complete\pdfsty.exe

mRun: [setRefresh] c:\program files\compaq\setrefresh\SetRefresh.exe

mRun: [MVS Splash] c:\program files\mcafee\managed virusscan\agent\Splash.exe

mRun: [McAfee Managed Services Tray] c:\program files\mcafee\managed virusscan\agent\StartMyAgtTry.Exe

mRun: [siteAdvisor] c:\program files\siteadvisor\6173\SiteAdv.exe

mRun: [Recguard] c:\windows\sminst\Recguard.exe

mRun: [Reminder] c:\windows\creator\Remind_XP.exe

mRun: [scheduler] c:\windows\sminst\Scheduler.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [realtekc]

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\myesse~1.lnk - c:\program files\my essentials\usb me1001-usb\wireless utility\O-Maxwcui.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{230178C4-B6DE-4BAA-B877-5D9893304027} : DhcpNameServer = 192.168.1.1

Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - c:\program files\mcafee\managed virusscan\agent\myRmProt4.9.0.387.dll

Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6173\SiteAdv.dll

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2011-10-10 32008]

R1 FSLX;FSLX;c:\windows\system32\drivers\fslx.sys [2008-7-11 191872]

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-19 205608]

R1 oxpar;%OXPAR.SVCDESC%;c:\windows\system32\drivers\oxpar.sys [2007-1-24 80128]

R1 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2011-10-10 76696]

R2 EngineServer;EngineServer;c:\progra~1\mcafee\manage~1\vscan\ENGINE~1.EXE [2009-1-19 13632]

R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\common files\magix services\database\bin\FABS.exe [2009-8-27 1253376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-8 366152]

R2 McAfee HackerWatch Service;McAfee HackerWatch Service;c:\program files\common files\mcafee\hackerwatch\HWAPI.exe [2009-1-19 540776]

R2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\mcafee\managed virusscan\agent\myAgtSvc.exe [2009-1-19 202048]

R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2009-1-19 576024]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-8 22216]

R3 OMAWGU(Belkin Corporation);My Essential G USB Adapter(Belkin Corporation);c:\windows\system32\drivers\OMAWGU.sys [2010-10-8 408064]

R3 oxmf;OXPCI Bus enumerator;c:\windows\system32\drivers\oxmf.sys [2007-1-24 21888]

R3 Oxmfuf;Filter driver for OX16PCI95x ports;c:\windows\system32\drivers\oxmfuf.sys [2007-1-24 5888]

R3 oxser;OX16C95x Serial port driver;c:\windows\system32\drivers\oxser.sys [2007-1-24 70784]

R3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [2011-10-10 26096]

S2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2011-10-10 6416120]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-10 136176]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\common files\magix services\database\bin\fbserver.exe [2008-8-7 3276800]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-10 136176]

S3 McShield;McShield;c:\progra~1\mcafee\manage~1\vscan\McShield.exe [2009-1-19 144704]

S3 MfeAVFK;McAfee Inc. MfeAVFK;c:\windows\system32\drivers\MfeAVFK.sys [2009-1-19 79560]

S3 MfeBOPK;McAfee Inc. MfeBOPK;c:\windows\system32\drivers\MfeBOPK.sys [2009-1-19 35240]

S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\MfeRKDK.sys [2009-1-19 34088]

.

=============== Created Last 30 ================

.

2011-10-10 21:31:37 71880 ----a-w- c:\windows\system32\PxSecure.dll

2011-10-10 21:31:36 76696 ----a-w- c:\windows\system32\drivers\pxrts.sys

2011-10-10 21:31:36 32008 ----a-w- c:\windows\system32\drivers\pxscan.sys

2011-10-10 21:31:35 26096 ----a-w- c:\windows\system32\drivers\pxkbf.sys

2011-10-10 21:31:35 -------- d-----w- c:\program files\Prevx

2011-10-10 21:31:26 -------- d-----w- c:\documents and settings\all users\application data\PrevxCSI

2011-10-10 13:56:56 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-10-08 17:53:19 -------- d--h--w- c:\windows\PIF

2011-10-08 17:22:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-08 03:41:26 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes

2011-10-08 03:41:19 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-10-08 03:41:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-07 21:21:36 -------- d-----w- C:\_OTM

2011-10-06 00:56:51 -------- d-sh--w- c:\documents and settings\administrator\local settings\application data\1cf6efbe

.

==================== Find3M ====================

.

.

============= FINISH: 0:07:36.15 ===============

defogger_disable.log

mbamprotection-log-2011-10-13.txt

DDSNotes.txt

DDSAttach.txt

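A small triage pass over the kind of indicators visible in the logs above (an added example, not code from the thread, from DDS or from Malwarebytes): it scans DDS-style lines for a process image whose file name contains a colon (an NTFS alternate data stream), a Winlogon Shell value that is not explorer.exe, and recently created directories flagged hidden+system. The sample lines are copied from the post; the regular expressions are my assumptions about the DDS line layout, not a documented format.

```python
"""Triage helpers for DDS-style log lines (added example, not part of the thread)."""
import re

# Constructed sample: a handful of lines copied from the DDS log quoted above.
SAMPLE_LOG = """\
C:\\WINDOWS\\system32\\svchost -k DcomLaunch
C:\\WINDOWS\\3203397148:3809022017.exe
C:\\WINDOWS\\explorer.exe
uWinlogon: Shell=c:\\documents and settings\\administrator\\local settings\\application data\\1cf6efbe\\X
uRun: [ctfmon.exe] c:\\windows\\system32\\ctfmon.exe
2011-10-06 00:56:51 -------- d-sh--w- c:\\documents and settings\\administrator\\local settings\\application data\\1cf6efbe
2011-10-08 17:53:19 -------- d--h--w- c:\\windows\\PIF
"""

# A running-process path whose last component contains ':' names an NTFS
# alternate data stream (file:stream); legitimate images are never run that way.
ADS_PROCESS = re.compile(r"^[A-Za-z]:\\.*\\[^\\]*:[^\\]+$")
# Winlogon Shell is expected to be explorer.exe; anything else replaces the desktop.
WINLOGON_SHELL = re.compile(r"^uWinlogon: Shell=(.+)$", re.IGNORECASE)
# "Created Last 30" rows (assumed layout): date, time, size-or-dashes, attrs, path.
CREATED = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} \S+ (\S+) (.+)$")


def triage(log_text: str) -> list[str]:
    """Return one human-readable finding per suspicious line, in log order."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if ADS_PROCESS.match(line):
            findings.append(f"ADS process image: {line}")
            continue
        m = WINLOGON_SHELL.match(line)
        if m and not m.group(1).strip().lower().endswith("explorer.exe"):
            findings.append(f"Winlogon Shell hijack: {m.group(1).strip()}")
            continue
        m = CREATED.match(line)
        if m:
            attrs, path = m.groups()
            # 's' = system, 'h' = hidden; both set on a fresh directory is worth review.
            if "s" in attrs and "h" in attrs:
                findings.append(f"hidden+system item created recently: {path}")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Run it against a full DDS log saved to disk by passing the file contents to `triage()`; the three hits on the sample correspond to the three items a reviewer would ask the poster about first.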

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

