Jun 29 2009, 11:04 AM | Post #1
New Member | Group: Members | Posts: 4 | Joined: 29-June 09 | Member No.: 346,562
My DDS text C&P below
This post has been edited by 6F2: Jun 29 2009, 11:07 AM

Jul 1 2009, 10:51 PM | Post #2
malware expert | Group: HJT Team | Posts: 14,730 | Joined: 8-January 05 | From: Vancouver (not BC) WA (Not DC) USA | Member No.: 9,026
Hello 6F2,
Please uninstall Java 6 Update 7, as that is an ancient version and attracts malware.

*************

Download Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please post the contents of that document.

*************

Please download Malwarebytes' Anti-Malware from one of these places:
http://download.cnet.com/Malwarebytes-Anti...&tag=button
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.
* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & Paste the entire MBAM report (even if it does not find anything) in your next reply along with a fresh HijackThis log.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

This post has been edited by SifuMike: Jul 11 2009, 07:09 PM

Jul 11 2009, 06:29 PM | Post #3
New Member | Group: Members | Posts: 4 | Joined: 29-June 09 | Member No.: 346,562
Hmmm have tried a few times both normal and in safe and whilst it will install Anti-Malware it won't run the software. Have d'loaded more than once and it's deffo not corrupt just won't run once installed??

Jul 11 2009, 07:01 PM | Post #4
malware expert | Group: HJT Team | Posts: 14,730 | Joined: 8-January 05 | From: Vancouver (not BC) WA (Not DC) USA | Member No.: 9,026
Hi 6F2
Malwarebytes runs best in Normal Mode, not Safe Mode. If MBAM will not run, go to the program directory of MBAM (e.g. C:\Program Files\Malwarebytes Antimalware\) then rename mbam.exe to newtool2.exe, double click newtool2.exe to proceed in running a Full scan. Post the log after it completes.

This post has been edited by SifuMike: Jul 11 2009, 07:10 PM

Jul 11 2009, 07:32 PM | Post #5
New Member | Group: Members | Posts: 4 | Joined: 29-June 09 | Member No.: 346,562
I cleaned with cc and combofix and have reinstalled mbam and we have it running so will perform full scan and report back in!

Jul 11 2009, 08:12 PM | Post #6
malware expert | Group: HJT Team | Posts: 14,730 | Joined: 8-January 05 | From: Vancouver (not BC) WA (Not DC) USA | Member No.: 9,026
Who told you to run ComboFix???? You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is intended by its creator to be used under the guidance and supervision of a Malware Removal Expert, not for private use. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer.

Jul 12 2009, 03:35 AM | Post #7
New Member | Group: Members | Posts: 4 | Joined: 29-June 09 | Member No.: 346,562
It/cc cleaner cleared the way for anti-malware to run smoothly and an overnight scan revealed 2 entries for dns hijackers and a trojan, cleaned, rebooted and rescanned this am and all clear with google no longer being poached.
Have to say this particular piece of crappy hijack software not only did its job but the blocking of sites (and apparently) certain named installs is all rather clever/a lot of effort by someone to be a pain in the arse and redirect.

Jul 12 2009, 12:05 PM | Post #8
malware expert | Group: HJT Team | Posts: 14,730 | Joined: 8-January 05 | From: Vancouver (not BC) WA (Not DC) USA | Member No.: 9,026
Since your problem appears to be resolved, this thread will now be closed.