Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help - go to link that I didn't chose

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help - go to link that I didn't chose

Unread postby cat4arby » September 15th, 2010, 5:45 pm

I click on a link and there are times that it sends me to something else. I have tried Norton and it quarantines hacktools. PC Pitstop quarantines FraudTool.win32.FakeAV.gen!dropped Data.

Hijack file is as follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:25 PM, on 09/15/10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\UBCD4WIN\BARTPE\PROGRAMS\A2FREE\a2service.exe
C:\Program Files\Amazon\Amazon Games & Software

Downloader\AmazonGSDownloaderService.exe
C:\Program Files\Common Files\Apple\Mobile Device

Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Common Files\Intuit\Update

Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\RoamMgr.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Switching\User\RoamSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files\ACNielsen\Homescan Internet Transporter\HSTrans.exe
C:\Program Files\Amazon\Amazon Games & Software

Downloader\AmazonGSDownloaderTray.exe
C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Content Manager\CmTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.madisonmission.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL

= http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant

=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no

file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -

C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -

C:\Program Files\Norton Security Suite\Engine\4.2.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention -

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton

Security Suite\Engine\4.2.0.12\IPSBHO.DLL
O2 - BHO: OToolbarHelper Class -

{EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program

Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511}

- C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

- C:\Program Files\Norton Security Suite\Engine\4.2.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program

Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common

Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NielsenOnline] C:\Program

Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop

Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [MegaPanel] C:\Program Files\ACNielsen\Homescan

Internet Transporter\HSTrans.exe
O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program

Files\Amazon\Amazon Games & Software

Downloader\AmazonGSDownloaderTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program

Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program

Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Magellan CmTray] C:\Program Files\Content

Manager\CmTray.exe
O4 - HKUS\S-1-5-21-329068152-507921405-854245398-1005\..\Run: [MSMSGS]

"C:\Program Files\Messenger\msmsgs.exe" /background (User 'Cee')
O4 - HKUS\S-1-5-21-329068152-507921405-854245398-1005\..\Run:

[ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Cee')
O4 - HKUS\S-1-5-18\..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd]

C:\WINDOWS\TEMP\smss.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate]

C:\WINDOWS\System32\Macromed\Flash\FlashUtil10d.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd]

C:\WINDOWS\TEMP\smss.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate]

C:\WINDOWS\System32\Macromed\Flash\FlashUtil10d.exe (User 'Default

user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows

Desktop Search\WindowsSearch.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}

- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}

- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility)

- http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine

Advantage Validation Tool) -

http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2703049B-D81D-4763-A3C6-AF8932FCBD8F}

(CheckFileStatus.UserControl1) -

https://am.hrblock.com/ActivexComponent ... Status.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus

scanner) -

http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} -

http://webiq005.webiqonline.com/WebIQ/D ... dll?Handle

r=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} (CopyGuardCtrl

Class) - http://www.psapoll.com/CopyGuardIE.cab
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} (WWHearts Control) -

http://www.worldwinner.com/games/v53/ww ... hearts.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) -

http://www.worldwinner.com/games/v63/bjattack/bja.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety

Center Base Module) -

http://cdn.scan.onecare.live.com/resour ... lscbase677

0.cab
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} (SpiderSolitaire

Control) -

http://www.worldwinner.com/games/v56/sp ... olitaire.c

ab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)

-

http://www.update.microsoft.com/windows ... en/x86/cli

ent/wuweb_site.cab?1232685042092
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI

Utility Class) -

http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} (PCPitstop

AntiVirus) -

http://utilities.pcpitstop.com/Extermin ... iVirus.dll
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) -

http://www.worldwinner.com/games/v41/fr ... eecell.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)

-

http://update.microsoft.com/microsoftup ... /x86/clien

t/muweb_site.cab?1232707064185
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless

Media Upload) -

http://picture.vzw.com/activex/VerizonW ... ontrol.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -

http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class)

- http://216.148.96.22/Media/VisitorchatENU/TLIEFlash.CAB
O16 - DPF: {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} (Invoke Solutions

MILiveParticipantPadHelper Control) -

http://rms2.invokesolutions.com/events/ ... MILive.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class)

- http://offers.e-centives.com/cif/downlo ... ctxcab.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) -

http://www.worldwinner.com/games/v67/swapit/swapit.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses

Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner)

- http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions

Participant Control(MR)) -

http://online.invokesolutions.com/event ... MILive.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)

-
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program

Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH -

C:\UBCD4WIN\BARTPE\PROGRAMS\A2FREE\a2service.exe
O23 - Service: Amazon Download Agent - Amazon.com - C:\Program

Files\Amazon\Amazon Games & Software

Downloader\AmazonGSDownloaderService.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler

(AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir

PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard

(AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir

PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program

Files\Common Files\Apple\Mobile Device

Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -

C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program

Files\Bonjour\mDNSResponder.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner -

C:\WINDOWS\system32\CSHelper.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc.

- C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation - C:\Program Files\Common

Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex

Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Adapter Switching (IntelRoam) - Intel Corporation -

C:\Program Files\Intel\Switching\User\RoamSvc.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit

Inc. - C:\Program Files\Common Files\Intuit\Update

Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun

Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation -

C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -

C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NMSAccessU - Unknown owner - D:\WinX DVD Author

5.5\NMSAccessU.exe (file missing)
O23 - Service: PanelSvc - Unknown owner - C:\Program

Files\SurfBoard\PanelApp\PanelSvc.exe
O23 - Service: RegSrvc - Intel Corporation -

C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: RoamMgr - Intel Corporation -

C:\WINDOWS\System32\RoamMgr.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel

Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2)

(sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program

Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. -

C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: SupportSoft Repair Service (providercomcast)

(tgsrvc_providercomcast) - Unknown owner - C:\Program

Files\providerComcast\bin\tgsrvc.exe (file missing)

--
End of file - 13943 bytes


Uninstal file is as follows:

2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.3
Adobe Shockwave Player 11.5
Amazon Games & Software Downloader
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArtistScope Plugin IE 42
ATI Control Panel
ATI Display Driver
Bonjour
Broadcom Driver Installer
CCH Small Firm Services (xulRunner)
CCleaner
Comcast Desktop Software (v1.2.0.9)
Compatibility Pack for the 2007 Office system
ContentManager
Coupon Printer for Windows
Critical Update for Windows Media Player 11 (KB959772)
Dell ResourceCD
Desktop Doctor
FTDI USB Serial Converter Drivers
Google Update Helper
H&R Block Alabama 2009
H&R Block Business 2009 (Remove Only)
H&R Block New York 2009
H&R Block Premium + Efile + State 2009
HijackThis 2.0.2
Homescan Internet Transporter
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) PROSet
InterVideo WinDVD
Invoke Solutions Participant 6.2.0.1452
iPod for Windows 2006-03-23
ISO Recorder
iTunes
J2SE Runtime Environment 5.0 Update 3
Java(TM) 6 Update 19
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Money 2006
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nielsen
Norton Security Suite
PayPal Plug-In
PC Pitstop Exterminate2 2.0
Pdf995
PdfEdit995
Photo Story 3 for Windows
QuickTime
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SigmaTel AC97 Audio Drivers
Spelling Dictionaries Support For Adobe Reader 9
StyleEase for APA Style
SUPERAntiSpyware
SupportSoft Assisted Service
SurfBoard Technology Tracking Application
TaxCut Alabama 2007
TaxCut Alabama 2008
TaxCut Premium + State + Efile 2008
TaxCut Premium + State 2007
TurboTax 2008
TurboTax 2008 walpbpm
TurboTax 2008 WinBizFedFormset
TurboTax 2008 WinBizProgramHelp
TurboTax 2008 WinBizReleaseEngine
TurboTax 2008 WinBizTaxSupport
TurboTax 2008 WinBizUserEducation
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2008 wrapper
TurboTax Business 2008
UBCD4Win 3.50
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb2291599)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows Search 4.0
Windows XP Service Pack 3
Word Search Creator 1.0
Yahoo! Messenger

Thanks in advance for your assistance
cat4arby
Regular Member
 
Posts: 16
Joined: January 11th, 2009, 4:22 am

Re: Help - go to link that I didn't chose

Unread postby MWR 3 day Mod » September 19th, 2010, 11:13 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the 72 hour bump room, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MWR 3day Robot
 
Posts: 2519
Joined: April 4th, 2008, 8:40 am

Re: Help - go to link that I didn't chose

Unread postby Airscape » September 20th, 2010, 12:39 pm

Hello and welcome to the forum.
My name is Airscape and I'll be helping you with your malware issues.
The logs can take a while to research. Please be patient with me.

Take note of the following before we begin.

  • Post to this thread only and please stick to it until you are given an All Clean. Absence of symptoms does not mean that your computer is clean.
  • The instructions I give are for This computer only and should not be used on any other pc.
  • Do NOT run any tools/scans unless I instruct you to.
  • Try not to install/uninstall any programs while we work. This will add extra time researching your logs.
  • If you have found assistance elsewhere and no longer require our help, please say so, and this topic will be closed.
  • If you have any problems, please stop and ask before proceeding with any fixes.
  • Copy/paste all logs (text files) I ask for, do not use attachments. Make sure Word Wrap is UNticked in Notepad before posting.
  • ALL USERS OF THIS FORUM MUST READ THIS FIRST

Note: As I'm still in training here at MRU everything I post must be checked by a teacher first. So there may be a slight delay in between posts.

Important:
Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

In light of this it would be wise for you to back up any important files and folders that you don't want to lose before we start.
User avatar
Airscape
Regular Member
 
Posts: 1858
Joined: November 1st, 2008, 11:06 pm

Re: Help - go to link that I didn't chose

Unread postby Airscape » September 21st, 2010, 4:22 pm

While looking over your log it seems this pc may be used for business purposes (home or work business/company related)... is this true?
User avatar
Airscape
Regular Member
 
Posts: 1858
Joined: November 1st, 2008, 11:06 pm

Re: Help - go to link that I didn't chose

Unread postby cat4arby » September 21st, 2010, 8:59 pm

Yes I do some work at home - is that a problem?
cat4arby
Regular Member
 
Posts: 16
Joined: January 11th, 2009, 4:22 am

Re: Help - go to link that I didn't chose

Unread postby Airscape » September 22nd, 2010, 5:38 pm

Hi cat4arby,

Unfortunately, we cannot help remove malware from a computer, used for business purposes.
Many of these type systems may have specific modifications made..which could be removed or damaged by the tools we use. These altered systems may also hinder our tools, possibly reducing their effectiveness in removing the malware.
An extract taken from the Malware Removal's rules posted at the top of the Malware Removal forum:
Malware Removal Administration wrote:Computers used in a business environment often have policies and other modifications made to them. It is impossible for us to differentiate these from ones that have been made by an infection, so in removing what we think is an infection, we may compromise the business set up of your computer.

The scans we run often reveal information that most businesses would not want exposed in an open forum, and there are other legal constraints and ramifications involved with business machines that we are not equipped or trained to deal with.

We will close any topic where we believe the computer is one that is used in a business environment, irrespective of whether that business is a large company or a small one man enterprise.
For a corporate or multi-computer business:
I strongly advise that you contact your IT department. Make them aware of the problems you are having. If your computer is infected (possibly others as well), your IT department needs to be aware of this, so they can devise a plan to minimize any business impact.
For a single computer used for business purposes:
I would advise your contract an individual or firm to deal with any computer problems.

I notice you have MBAM installed. This is a very effective program and I advise you to update it then run a full scan.
How to use Malwarebytes' Anti-Malware to scan and remove malware from your computer

I'm sorry, that I am not able to offer you more assistance. Thank you, for your understanding in this matter.
I will now ask for this topic to be closed.
User avatar
Airscape
Regular Member
 
Posts: 1858
Joined: November 1st, 2008, 11:06 pm

Re: Help - go to link that I didn't chose

Unread postby muppy03 » September 23rd, 2010, 5:51 am

I see you are posting for help for a "Business" computer.

May I draw your attention to THIS topic, which you should have read before posting for help.

The section Posting for help for business machines explains why we do not offer help for such computers.

This topic is now closed
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4769
Joined: December 4th, 2007, 5:30 am
Location: Australia


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 40 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware