Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google Redirect, Can't Open Malware Removers

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Google Redirect, Can't Open Malware Removers

Unread postby alayna524 » September 13th, 2011, 7:58 pm

I'm going to scream.

I've been dealing with this problem the last three days now, and it's slowly getting worse. Search engines have been redirecting me to ads and malicious content when I click on the results. The first time I removed it with Combofix successfully, but it seems to have come back within a short period of time. Now nothing seems to work, and it won't even let me open the malware removers I download. Combofix, Malwarebytes, Gooredfix, Hijackthis, and many of the other programs I try to run are not working. They usually run fine halfway, then close suddenly. Then when I try to open them again, a window opens that says: Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item.

My computer's slowed down quite a bit and there's a little red shield at the bottom right corner that wasn't there before. It's all giving me a pretty big headache and I would appreciate it very much if I could get the help I need.

I was able to get the DDS file, thankfully:

DDS
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Run by Alayna and Andrea 3 at 19:36:10 on 2011-09-13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.583 [GMT -4:00]
.
AV: Doctor Web Anti-Virus *Enabled/Updated* {3454C8F1-ECBC-4180-A6F4-04632FBA762B}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\4265311023:3498361857.exe
C:\WINDOWS\system32\spoolsv.exe
SVCHOST.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
c:\program files\mcafee.com\shared\mghtml.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Alayna and Andrea 3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alayna and Andrea 3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alayna and Andrea 3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Alayna and Andrea 3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.dell4me.com/myway
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers runtime\YontooIEClient_2.dll
uRun: [Google Update] "c:\documents and settings\alayna and andrea 3\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MCUpdateExe] c:\progra~1\mcafee.com\agent\McUpdate.exe
mRun: [MSKAGENTEXE] c:\progra~1\mcafee\spamki~1\MskAgent.exe
mRun: [MCAgentExe] "c:\progra~1\mcafee.com\agent\McAgent.exe"
mRun: [McRegWiz] c:\progra~1\mcafee.com\agent\mcregwiz.exe /autorun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.87.71.230 68.87.73.246
TCP: Interfaces\{FC150519-FDA2-4505-8F4F-E12CFF291CC2} : DhcpNameServer = 68.87.71.230 68.87.73.246
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {6469DA4E-803C-432F-8244-694856608FAA} - rundll32.exe "c:\documents and settings\alayna and andrea 3\application data\remote\yzzc14.dll", UnregisterDll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\alayna and andrea 3\application data\mozilla\firefox\profiles\30kvb48p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\alayna and andrea 3\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
---- FIREFOX POLICIES ----
user_pref(security.warn_viewing_mixed,false);
user_pref(security.warn_viewing_mixed.show_once,false);
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
user_pref(security.warn_submit_insecure,false);
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2011-9-5 4869488]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2011-9-5 416112]
S2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\photoshopelementsfileagent.exe --> c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [?]
S2 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe [2004-12-12 249856]
S2 MCVSRte;McAfee.com VirusScan Online Realtime Engine;c:\progra~1\mcafee.com\vso\mcvsrte.exe /embedding --> c:\progra~1\mcafee.com\vso\mcvsrte.exe [?]
S2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\adobe\photoshop elements 3.0\photoshopelementsdeviceconnect.exe --> c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 McShield;McAfee.com McShield;c:\progra~1\mcafee.com\vso\mcshield.exe [2004-12-12 225375]
S3 NaiFiltr;NaiFiltr;c:\windows\system32\drivers\NaiFiltr.sys [2004-12-12 23296]
S4 PRISMSVC;PRISMSVC;c:\windows\system32\PRISMSVC.exe [2004-12-12 57344]
.
=============== Created Last 30 ================
.
2011-09-13 23:26:38 388096 ----a-r- c:\documents and settings\alayna and andrea 3\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-13 23:15:55 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-13 23:15:16 -------- d-----w- c:\documents and settings\alayna and andrea 3\application data\Malwarebytes
2011-09-13 23:14:38 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-13 21:00:18 -------- d-----w- c:\documents and settings\alayna and andrea 3\local settings\application data\Google
2011-09-13 20:56:34 50112 --sha-w- c:\windows\system32\c_75661.nl_
2011-09-12 23:25:15 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-09-12 20:39:14 -------- d-----w- c:\documents and settings\alayna and andrea 3\application data\GetRightToGo
2011-09-12 02:32:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-09-12 02:32:51 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-09-05 20:22:53 -------- d-----w- c:\documents and settings\alayna and andrea 3\application data\WTablet
2011-09-05 20:22:52 642928 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
2011-09-05 20:22:31 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2011-09-05 20:22:15 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2011-09-05 20:22:12 650096 ----a-w- c:\windows\system32\Pen_Tablet.dll
2011-09-05 20:22:12 506736 ----a-w- c:\windows\system32\Wintab32.dll
2011-09-05 20:22:09 -------- d-----w- c:\program files\Tablet
2011-09-05 14:04:50 -------- d-----w- c:\documents and settings\alayna and andrea 3\application data\Remote
2011-09-05 01:28:24 -------- d-----w- c:\program files\Yontoo Layers Runtime
2011-09-05 01:27:08 121856 ----a-w- c:\windows\system32\DOCPRO.dll
.
==================== Find3M ====================
.
2011-09-13 23:03:54 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-09-13 22:31:52 64896 ----a-w- c:\windows\system32\drivers\SERIAL.SYS
2011-09-13 20:55:54 57472 ----a-w- c:\windows\system32\drivers\REDBOOK.SYS
2011-08-13 21:09:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
1601-01-01 00:03:28 39424 --sha-w- c:\windows\system32\junefare.dll
1601-01-01 00:03:28 39424 --sha-w- c:\windows\system32\kosuyapu.dll
.
============= FINISH: 19:37:22.62 ===============


ATTACH
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 10/23/2009 2:50:41 PM
System Uptime: 9/13/2011 7:31:33 PM (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0K5148
Processor: Intel(R) Celeron(R) CPU 2.40GHz | Microprocessor | 2392/400mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 72 GiB total, 52.237 GiB free.
D: is CDROM (CDFS)
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: USB Cable Modem
Device ID: USB\VID_077B&PID_08C1\001C108196E3
Manufacturer:
Name: USB Cable Modem
PNP Device ID: USB\VID_077B&PID_08C1\001C108196E3
Service:
.
==== System Restore Points ===================
.
RP463: 6/15/2011 5:55:38 PM - System Checkpoint
RP464: 6/16/2011 7:31:51 PM - System Checkpoint
RP465: 6/16/2011 11:59:27 PM - Software Distribution Service 3.0
RP466: 6/18/2011 10:09:14 AM - System Checkpoint
RP467: 6/19/2011 8:15:48 PM - System Checkpoint
RP468: 6/20/2011 8:44:06 PM - System Checkpoint
RP469: 6/22/2011 5:51:41 PM - System Checkpoint
RP470: 6/23/2011 5:59:30 PM - System Checkpoint
RP471: 6/24/2011 6:07:34 PM - System Checkpoint
RP472: 6/25/2011 6:49:11 PM - System Checkpoint
RP473: 6/26/2011 7:07:38 PM - System Checkpoint
RP474: 6/27/2011 11:43:05 PM - System Checkpoint
RP475: 6/29/2011 2:23:32 PM - System Checkpoint
RP476: 6/30/2011 6:24:38 PM - System Checkpoint
RP477: 7/2/2011 1:04:34 AM - System Checkpoint
RP478: 7/3/2011 2:08:55 PM - System Checkpoint
RP479: 7/5/2011 2:37:35 PM - System Checkpoint
RP480: 7/6/2011 6:22:57 PM - System Checkpoint
RP481: 7/7/2011 6:53:43 PM - System Checkpoint
RP482: 7/9/2011 2:52:44 AM - System Checkpoint
RP483: 7/10/2011 2:53:07 AM - System Checkpoint
RP484: 7/12/2011 5:54:39 PM - System Checkpoint
RP485: 7/13/2011 12:36:02 PM - Software Distribution Service 3.0
RP486: 7/14/2011 12:48:41 PM - System Checkpoint
RP487: 7/15/2011 7:06:29 PM - System Checkpoint
RP488: 7/17/2011 1:57:14 AM - System Checkpoint
RP489: 7/19/2011 1:43:03 AM - System Checkpoint
RP490: 7/20/2011 2:02:36 AM - System Checkpoint
RP491: 7/21/2011 7:28:28 PM - System Checkpoint
RP492: 7/23/2011 6:46:26 AM - System Checkpoint
RP493: 7/25/2011 5:41:34 PM - System Checkpoint
RP494: 7/28/2011 3:43:19 PM - System Checkpoint
RP495: 7/29/2011 5:00:06 PM - System Checkpoint
RP496: 7/31/2011 9:26:52 PM - System Checkpoint
RP497: 8/5/2011 2:59:00 PM - System Checkpoint
RP498: 8/6/2011 2:59:32 PM - System Checkpoint
RP499: 8/8/2011 1:11:17 PM - System Checkpoint
RP500: 8/10/2011 12:47:26 AM - System Checkpoint
RP501: 8/11/2011 1:47:08 AM - Software Distribution Service 3.0
RP502: 8/12/2011 12:11:52 PM - System Checkpoint
RP503: 8/13/2011 4:21:01 PM - System Checkpoint
RP504: 8/14/2011 8:10:23 PM - System Checkpoint
RP505: 8/15/2011 8:39:31 PM - System Checkpoint
RP506: 8/16/2011 9:14:37 PM - System Checkpoint
RP507: 8/17/2011 9:22:36 PM - System Checkpoint
RP508: 8/18/2011 9:56:35 PM - System Checkpoint
RP509: 8/20/2011 2:51:56 PM - System Checkpoint
RP510: 8/21/2011 3:41:44 PM - System Checkpoint
RP511: 8/22/2011 6:09:52 PM - System Checkpoint
RP512: 8/24/2011 4:08:54 PM - System Checkpoint
RP513: 8/25/2011 4:43:12 PM - System Checkpoint
RP514: 8/26/2011 4:57:04 PM - System Checkpoint
RP515: 8/28/2011 2:40:06 PM - System Checkpoint
RP516: 8/29/2011 8:49:32 PM - System Checkpoint
RP517: 9/1/2011 2:55:37 PM - System Checkpoint
RP518: 9/2/2011 4:48:34 PM - System Checkpoint
RP519: 9/3/2011 5:25:15 PM - System Checkpoint
RP520: 9/4/2011 10:03:04 PM - Removed Music Transfer
RP521: 9/4/2011 10:09:16 PM - Removed Music Transfer
RP522: 9/6/2011 12:43:15 PM - System Checkpoint
RP523: 9/7/2011 5:46:53 PM - System Checkpoint
RP524: 9/8/2011 2:16:22 PM - Removed Microsoft Silverlight
RP525: 9/9/2011 6:10:48 PM - System Checkpoint
RP526: 9/10/2011 6:33:18 PM - System Checkpoint
RP527: 9/11/2011 7:37:51 PM - System Checkpoint
RP528: 9/13/2011 3:46:17 PM - OTM Restore Point
RP529: 9/13/2011 3:58:40 PM - OTM Restore Point
RP530: 9/13/2011 4:26:01 PM - OTM Restore Point
RP531: 9/13/2011 5:06:11 PM - Software Distribution Service 3.0
RP532: 9/13/2011 7:26:35 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 3.0
Adobe Reader 9.3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bamboo
Banctec Service Agreement
Bonjour
Broadcom Management Programs
Conexant D850 56K V.9x DFVc Modem
Corel Painter Essentials 2
Dell Driver Reset Tool
Dell Media Experience
Dell Media Experience Update
Dell Networking Guide
Dell Support
Digital Line Detect
Epson CreativeZone
Epson Easy Photo Print 2
EPSON NX410 Series Printer Uninstall
EPSON Scan
EPSON Web-To-Page
Google Chrome
HiJackThis
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 16
JTablet
LiveUpdate 1.90 (Symantec Corporation)
LTCM Client
Malwarebytes' Anti-Malware version 1.51.2.1300
McAfee Security Scan Plus
McAfee SecurityCenter
McAfee SpamKiller
McAfee VirusScan
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft GIF Animator
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Modem Helper
Mozilla Firefox 6.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
My Way Search Assistant
NetWaiting
nik Color Efex Pro 2.0 GE
PAP 4.0
PAP project files
Primo
QuickTime
RealPlayer Basic
Runtime
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Sony Picture Utility
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2553110)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB898461)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
USB 2.0 Wireless LAN Card Utility
Viewpoint Media Player
WebFldrs XP
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows XP Hotfix - KB888310
.
==== Event Viewer Messages From Past Week ========
.
9/8/2011 5:05:27 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 8054aab2, parameter3 acc33a34, parameter4 00000000.
9/8/2011 3:31:06 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The system cannot find the file specified.
9/8/2011 3:31:06 PM, error: DCOM [10005] - DCOM got error "%2" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
9/8/2011 2:17:06 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
9/7/2011 5:18:32 PM, error: System Error [1003] - Error code 00000044, parameter1 85d1be70, parameter2 00000d63, parameter3 00000000, parameter4 00000000.
9/13/2011 3:45:28 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
9/13/2011 3:45:27 PM, error: Service Control Manager [7034] - The Wacom Consumer Touch Service service terminated unexpectedly. It has done this 1 time(s).
9/13/2011 3:45:27 PM, error: Service Control Manager [7034] - The TabletServicePen service terminated unexpectedly. It has done this 1 time(s).
9/12/2011 9:00:26 PM, error: Service Control Manager [7023] - The iPod Service service terminated with the following error: Security must be initialized before any interfaces are marshalled or unmarshalled. It cannot be changed once initialized.
9/12/2011 9:00:17 PM, error: System Error [1003] - Error code 1000007f, parameter1 0000000d, parameter2 00000000, parameter3 00000000, parameter4 00000000.
9/12/2011 4:44:03 PM, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: Access is denied.
9/12/2011 4:43:28 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
9/11/2011 10:23:47 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
9/11/2011 10:23:40 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee SpamKiller Server service to connect.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The Photoshop Elements Device Connect service failed to start due to the following error: The system cannot find the file specified.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The McAfee.com VirusScan Online Realtime Engine service failed to start due to the following error: The system cannot find the file specified.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The McAfee SpamKiller Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The system cannot find the file specified.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The system cannot find the file specified.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The system cannot find the file specified.
9/11/2011 10:23:40 PM, error: Service Control Manager [7000] - The Adobe Active File Monitor service failed to start due to the following error: The system cannot find the file specified.
9/10/2011 5:29:37 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'REDBOOK.SYS' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
.
==== End Of File ===========================


I hope this has all helped to diagnose the problem. Thank you!
alayna524
Active Member
 
Posts: 2
Joined: September 13th, 2011, 7:41 pm
Advertisement
Register to Remove

Re: Google Redirect, Can't Open Malware Removers

Unread postby MWR 3 day Mod » September 16th, 2011, 11:06 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Google Redirect, Can't Open Malware Removers

Unread postby Dakeyras » September 19th, 2011, 7:12 am

Hi,

I have bad news I'm afraid. :(

Apart form the fact your machine does not have the latest Service Pack for XP installed(namely SP3)...

Please read this:-

Attention: Windows XP and Vista Users!

Next:

One or more of the identified infections is the extremely severe Zero Access Rootkit plus undoubtedly other comprising malware!

OK since we are dealing with the aforementioned infection(s) I would be providing your good self with a disservice if I did not make you aware of the ramifications below:

This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Although an attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and safest course of action is a reformat and reinstallation of the Windows Operating System, and that is the course we strongly recommend.

Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

I can attempt to clean this machine(anything I try may not be successful) but I can't guarantee that it will be at all secure afterwords.

Should you have any questions, please feel free to ask.

Please let myself know what you have decided to do in your next post.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Google Redirect, Can't Open Malware Removers

Unread postby Cypher » September 23rd, 2011, 5:15 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 307 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware