Jump to content

JacksonGT

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

 Content Type 

Posts posted by JacksonGT

    Please help! Still have Google Redirect Virus!

    in Resolved Malware Removal Logs

    Posted

    I would REALLY appreciate it if someone could help me. I have the google redirect virus and it is driving me insane. I've followed the steps posted on other threads but I still have the stupid thing. I posted previously with no response, but I'm begging now...please, please, before I launch this pc into the parking lot - can someone help me????

    If you need logs or whatever tell me exactly what to cut and paste and I will do it. Please, please, help!!!!

    Google Redirect Virus - Still have it

    in Resolved Malware Removal Logs

    Posted

    Hi! I hope you guys can help. I got the Google Redirect Virus sometime yesterday - I have Vista - I think, and since then I've downloaded and ran both Malwarebytes and the TDSSKiller scan. The first two scans, Malwarebytes found the infected file each time and got rid of it, but the problem persisted. So, I followed instructions to run TDSSKiller, which said I was clean. Each subsequent scan on either program says I'm clean, but still have the problem in Firefox. I'm working off of another PC, but here is my Hijackthis file (warning: I don't know what the heck I'm doing so I'm just going off of what I'm reading in the other posts on this forum. If you need more info, please let me know and I'll provide it asap.):

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 2:05:49 PM, on 11/19/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18975)

    Boot mode: Normal

    Running processes:

    C:Windowssystem32taskeng.exe

    C:Windowssystem32Dwm.exe

    C:Program FilesIObitAdvanced SystemCare 3AWC.exe

    C:WindowsExplorer.EXE

    C:hpsupporthpsysdrv.exe

    C:hpKBDkbd.exe

    C:WindowsRtHDVCpl.exe

    C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe

    C:Program FilesHPHP Software UpdatehpwuSchd2.exe

    C:WindowsSystem32rundll32.exe

    C:Program FilesScanSoftPaperPortpptd40nt.exe

    C:Program FilesWindows Media Playerwmpnscfg.exe

    C:Windowssystem32wbemunsecapp.exe

    C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe

    C:Program FilesMcAfee.comAgentmcagent.exe

    C:Program FilesiTunesiTunesHelper.exe

    C:Program FilesCommon FilesJavaJava Updatejusched.exe

    C:Program FilesWindows Sidebarsidebar.exe

    C:Windowsehomeehtray.exe

    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe

    C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe

    C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe

    C:Windowsehomeehmsas.exe

    C:Program FilesMozilla Firefoxfirefox.exe

    C:Program FilesMozilla Firefoxplugin-container.exe

    C:Windowssystem32SearchFilterHost.exe

    C:UsersGinaDownloadsHijackThis.exe

    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

    R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

    R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

    R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s

    R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local

    R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

    O1 - Hosts: ::1 localhost

    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:progra~1mcafeemskmskapbho.dll

    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesCommon FilesMcAfeeSystemCoreScriptSn.20101104120244.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.6.5612.1312swg.dll

    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll

    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll

    O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

    O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe

    O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE

    O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM..Run: [symantec PIF AlertEng] "C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe" /a /m "C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll"

    O4 - HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe

    O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup

    O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit

    O4 - HKLM..Run: [sSBkgdUpdate] "C:Program FilesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" -Embedding -boot

    O4 - HKLM..Run: [PaperPort PTD] "C:Program FilesScanSoftPaperPortpptd40nt.exe"

    O4 - HKLM..Run: [indexSearch] "C:Program FilesScanSoftPaperPortIndexSearch.exe"

    O4 - HKLM..Run: [PPort11reminder] "C:Program FilesScanSoftPaperPortEregEreg.exe" -r "C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini"

    O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe

    O4 - HKLM..Run: [iSUSScheduler] "C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start

    O4 - HKLM..Run: [mcui_exe] "C:Program FilesMcAfee.comAgentmcagent.exe" /runkey

    O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime

    O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"

    O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"

    O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe"

    O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesCommon FilesJavaJava Updatejusched.exe"

    O4 - HKLM..RunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe

    O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun

    O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe

    O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe

    O4 - HKCU..Run: [swg] "C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe"

    O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe -startup

    O4 - HKCU..Run: [HPADVISOR] C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe view=DOCKVIEW,SYSTRAY

    O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

    O4 - Global Startup: QuickBooks Update Agent.lnk = C:Program FilesCommon FilesIntuitQuickBooksQBUpdateqbupdate.exe

    O8 - Extra context menu item: Google Sidewiki... - res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

    O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:Program FilesIntuitQuickBooks 2008HelpAsyncPluggableProtocol.dll

    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)

    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~1mcafeeSITEAD~1mcieplg.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll

    O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe

    O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

    O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:Program FilesCommon FilesLightScribeLSSrvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE

    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)

    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe

    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:Program FilesMcAfeeSiteAdvisorMcSACore.exe

    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe

    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe

    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe

    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe

    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:Program FilesMcAfeeVirusScanmcods.exe

    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe

    O23 - Service: McShield - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe

    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe

    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:Program FilesCommon FilesMcAfeeSystemCoremfevtps.exe

    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:Program FilesCommon FilesMcafeeMcSvcHostMcSvHost.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32nvvsvc.exe

    O23 - Service: QBCFMonitorService - Intuit - C:Program FilesCommon FilesIntuitQuickBooksQBCFMonitorService.exe

    O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:Program FilesCommon FilesIntuitQuickBooksFCSIntuit.QuickBooks.FCS.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - c:Program FilesCommon FilesSureThing Sharedstllssvr.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

    --

    End of file - 11782 bytes

    Can someone help me??? :)

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.