Google redirect and my 8 step logs

[jlee1085]

Recently my computer just started to redirect me when I clicked on google links, and happened to stumble upon this site. I followed the 8 step process and have attached the following logs. I did have to rename the .exe files for malwarebytes, superantispyware and hijackthis in order for the programs to open. But upon renaming them they opened fine.

Other info, I'm using AVG antivirus. After running superantispyware the first time, it found a trojan (amongst other things). After restarting the computer, I ran it again and the trojan was gone, but registry threats were still detected. I uploaded both logs just in case. Thanks for any help!

 

[touch]

Hello jlee1085

It looks like a rootkit you´ve got there.

Remove/uninstall from " Add/rmove programs " in controlpanel:
Viewpoint
LogitechDesktopMessenger

Reboot.

Please download combofix here -> https://www.techspot.com/downloads/5587-combofix.html

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

 

[jlee1085]

Hey touch, thanks for your help!

Here's my log from combofix...should I be rerunning ccleaner, malware, superantispy and hijackthis over again? And if so do you want those logs?

 

[touch]

Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop

Killall::
Snapshot::
Folder::
c:\program files\Azureus
c:\documents and settings\Jason\Application Data\Azureus
File::
c:\windows\system32\d3d9caps.dat
c:\windows\S2EA9B61E.tmp
c:\docume~1\Jason\LOCALS~1\Temp\idrmkl.sys
Driver::
Idrmkl
cpuz131

http://www.fromsej.saknet.dk/billeder/cfscript.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post


No need to run ccleaner, malware, superantispy and hijackthis

 

[jlee1085]

Everything seems simple so far, even though I have no idea what's going on You guys are awesome!

Attached the second log from combo fix

 

[touch]

Thank you

The log looks clean. Please attach fresh hijackthis log, and tell how things are running now ?

 

[jlee1085]

Here's the new log from hijackthis. Everything seems to be going pretty smooth, tried going into google and testing out links and I'm no longer being redirected somewhere completely random!

Not really related to my problem, but I've been having spybot-SD on my comp for a while (my brother had installed it on my comp). Is it really necessary now that I have superantispyware? Should I just get rid of spybot now? It doesn't seem to be doing that much, but maybe I just can't see what it's doing?

Again, many thanks! Looks like this did the trick, but I'll wait for the a-ok from you first.