Hi! I hope you guys can help. I got the Google Redirect Virus sometime yesterday - I have Vista - I think, and since then I've downloaded and ran both Malwarebytes and the TDSSKiller scan. The first two scans, Malwarebytes found the infected file each time and got rid of it, but the problem persisted. So, I followed instructions to run TDSSKiller, which said I was clean. Each subsequent scan on either program says I'm clean, but still have the problem in Firefox. I'm working off of another PC, but here is my Hijackthis file (warning: I don't know what the heck I'm doing so I'm just going off of what I'm reading in the other posts on this forum. If you need more info, please let me know and I'll provide it asap.): Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:05:49 PM, on 11/19/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:Windowssystem32taskeng.exe C:Windowssystem32Dwm.exe C:Program FilesIObitAdvanced SystemCare 3AWC.exe C:WindowsExplorer.EXE C:hpsupporthpsysdrv.exe C:hpKBDkbd.exe C:WindowsRtHDVCpl.exe C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe C:Program FilesHPHP Software UpdatehpwuSchd2.exe C:WindowsSystem32rundll32.exe C:Program FilesScanSoftPaperPortpptd40nt.exe C:Program FilesWindows Media Playerwmpnscfg.exe C:Windowssystem32wbemunsecapp.exe C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe C:Program FilesMcAfee.comAgentmcagent.exe C:Program FilesiTunesiTunesHelper.exe C:Program FilesCommon FilesJavaJava Updatejusched.exe C:Program FilesWindows Sidebarsidebar.exe C:Windowsehomeehtray.exe C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe C:Windowsehomeehmsas.exe C:Program FilesMozilla Firefoxfirefox.exe C:Program FilesMozilla Firefoxplugin-container.exe C:Windowssystem32SearchFilterHost.exe C:UsersGinaDownloadsHijackThis.exe R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:progra~1mcafeemskmskapbho.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesCommon FilesMcAfeeSystemCoreScriptSn.20101104120244.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.6.5612.1312swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM..Run: [symantec PIF AlertEng] "C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe" /a /m "C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll" O4 - HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [sSBkgdUpdate] "C:Program FilesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" -Embedding -boot O4 - HKLM..Run: [PaperPort PTD] "C:Program FilesScanSoftPaperPortpptd40nt.exe" O4 - HKLM..Run: [indexSearch] "C:Program FilesScanSoftPaperPortIndexSearch.exe" O4 - HKLM..Run: [PPort11reminder] "C:Program FilesScanSoftPaperPortEregEreg.exe" -r "C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini" O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe O4 - HKLM..Run: [iSUSScheduler] "C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start O4 - HKLM..Run: [mcui_exe] "C:Program FilesMcAfee.comAgentmcagent.exe" /runkey O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe" O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe" O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe" O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesCommon FilesJavaJava Updatejusched.exe" O4 - HKLM..RunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKCU..Run: [swg] "C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe" O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe -startup O4 - HKCU..Run: [HPADVISOR] C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe view=DOCKVIEW,SYSTRAY O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O4 - Global Startup: QuickBooks Update Agent.lnk = C:Program FilesCommon FilesIntuitQuickBooksQBUpdateqbupdate.exe O8 - Extra context menu item: Google Sidewiki... - res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:Program FilesIntuitQuickBooks 2008HelpAsyncPluggableProtocol.dll O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:Program FilesCommon FilesLightScribeLSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:Program FilesMcAfeeSiteAdvisorMcSACore.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:Program FilesMcAfeeVirusScanmcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCoremfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32nvvsvc.exe O23 - Service: QBCFMonitorService - Intuit - C:Program FilesCommon FilesIntuitQuickBooksQBCFMonitorService.exe O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:Program FilesCommon FilesIntuitQuickBooksFCSIntuit.QuickBooks.FCS.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:Program FilesCommon FilesSureThing Sharedstllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe -- End of file - 11782 bytes Can someone help me???
