BleepingComputer.com: Google Redirect virus


Google Redirect virus Cannot run TDSSKiller.exe

#1 crkirst (New Member; Group: Members; Posts: 2; Joined: 21-June 11)

Posted 21 June 2011 - 02:40 PM

One of my computers is infected with the Google Redirect Virus and I'm unable to run TDSSKiller.exe no matter how I rename the file. I've run MalwareBytes and that has come up clean. I've also run ESET scanner and that found one item and removed it. I've attached the GMER and DDS logs. Thanks in advance.

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by ksilence at 12:42:39 on 2011-06-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1434 [GMT -7:00]
.
AV: Trend Micro Security Agent *Enabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Trend Micro\Security Agent\tmlisten.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\acrobat\activex\AcroIEHelper.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\amsp\module\20004\1.6.1106\6.6.1045\TmIEPlg.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: C&all - c:\program files\cisco systems\unified personal communicator\click to call\add-ins\internet-explorer\en\iecontextmenu-call.htm
IE: Call with &Edit... - c:\program files\cisco systems\unified personal communicator\click to call\add-ins\internet-explorer\en\iecontextmenu-edit-and-call.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: saksfifthavenue.com\www
DPF: {00134F72-5284-44F7-95A8-52A619F70751} - hxxps://kenco01.kencosales.com:4343/officescan/console/ClientInstall/WinNTChk.cab
DPF: {00134F72-5284-44F7-95A8-52A619F70752} - hxxps://kenco07.kencosales.com:4343/officescan/console/ClientInstall/WinNTChk.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} - hxxps://kenco01.kencosales.com:4343/officescan/console/ClientInstall/setup.cab
DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} - hxxps://kenco01.kencosales.com:4343/officescan/console/ClientInstall/RemoveCtrl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211406976593
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://teamkenco.webex.com/client/T27L/webex/ieatgpc.cab
TCP: DhcpNameServer = 10.0.0.2 10.0.0.10
TCP: Interfaces\{8B5BB685-1C84-44F4-A468-99A3B0B0E10E} : DhcpNameServer = 10.0.0.2 10.0.0.10
TCP: Interfaces\{A400181F-E0DF-4927-9287-FBB056437E62} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{AB14BCA3-CAA0-4AFB-8B99-EFB8496D343C} : DhcpNameServer = 10.0.0.10 10.0.0.2
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\1.6.1106\6.6.1045\TmIEPlg.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - c:\program files\trend micro\security agent\uiframework\ProToolbarIMRatingActiveX.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Amsp;Trend Micro Solution Platform;c:\program files\trend micro\amsp\coreServiceShell.exe [2011-6-20 196320]
R2 Ndiscdp;Cisco CDP KMDF NDIS Protocol Driver;c:\windows\system32\drivers\Ndiscdp.sys [2011-6-2 22456]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-6-20 65296]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2008-5-22 88192]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-20 366640]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 PTDCWWAN;PANTECH PC Card WWAN Controller device driver;c:\windows\system32\drivers\PTDCWWAN.sys [2010-1-7 114704]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2009-5-25 32408]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336]
.
=============== Created Last 30 ================
.
2011-06-21 16:02:08 -------- d-----w- c:\program files\ESET
2011-06-21 15:27:12 -------- d-sha-r- C:\cmdcons
2011-06-21 15:24:55 98816 ----a-w- c:\windows\sed.exe
2011-06-21 15:24:55 518144 ----a-w- c:\windows\SWREG.exe
2011-06-21 15:24:55 256512 ----a-w- c:\windows\PEV.exe
2011-06-21 15:24:55 208896 ----a-w- c:\windows\MBR.exe
2011-06-20 22:16:19 92112 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-06-20 22:16:13 81168 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-06-20 22:16:13 65296 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-06-20 22:16:13 190736 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-06-20 21:48:09 -------- d-----w- c:\windows\pss
2011-06-20 20:17:57 -------- d-----w- c:\documents and settings\ksilence\application data\Malwarebytes
2011-06-20 20:17:50 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-20 20:17:50 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-06-20 20:17:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-15 15:52:47 551936 -c----w- c:\windows\system32\dllcache\oleaut32.dll
2011-06-15 15:52:44 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-06-09 16:40:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-02 21:05:29 -------- d-----w- c:\documents and settings\ksilence\local settings\application data\Cisco
2011-06-02 21:05:29 -------- d-----w- c:\documents and settings\ksilence\application data\Cisco
2011-06-02 21:04:18 42048 ----a-r- c:\windows\system32\ProtNotify.dll
2011-06-02 21:04:18 22456 ----a-r- c:\windows\system32\drivers\Ndiscdp.sys
2011-06-02 21:04:18 1419232 ----a-r- c:\windows\system32\wdfcoinstaller01005.dll
2011-06-02 21:03:05 -------- d-----w- c:\program files\common files\Cisco Systems
2011-06-02 21:03:05 -------- d-----w- c:\program files\Cisco Systems
2011-06-02 21:01:42 -------- d-----w- c:\documents and settings\ksilence\local settings\application data\Downloaded Installations
2011-05-23 18:13:09 -------- d-----w- c:\documents and settings\ksilence\application data\Catalina Marketing Corp
.
==================== Find3M ====================
.
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11:11 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11:11 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:22 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
============= FINISH: 12:43:10.13 ===============

Attached files: attach.txt (17.23K), ark.txt (10.72K)
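As an added example (not part of the original thread, and not DDS's own code), a small Python triage pass over the DDS log format shown in the post above: it pulls out the lines a log reviewer reads first, namely BHO registrations with no file behind them, Trusted Zone additions, DHCP name servers outside private address space, drivers whose image DDS could not read (the trailing "[?]"), and kernel drivers written in the last 30 days. The sample lines are copied from the log above; the categories and regular expressions are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: a few lines copied verbatim from the DDS log posted above.
SAMPLE_DDS = r"""
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
Trusted Zone: saksfifthavenue.com\www
TCP: DhcpNameServer = 10.0.0.2 10.0.0.10
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-6-20 65296]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
2011-06-21 15:24:55 208896 ----a-w- c:\windows\MBR.exe
2011-06-20 22:16:13 65296 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
"""

# DDS service/driver line: "<start type> <name>;<display name>;<image path> [<date size>]"
DRIVER_RE = re.compile(r"^[RS]\d ([^;]+);[^;]*;(.*)$")
# DDS "Created Last 30" line: "<timestamp> <size or -------> <attrs> <path>"
CREATED_RE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} \S+ \S+ (.+)$")
DRIVERS_DIR = "c:\\windows\\system32\\drivers\\"

def triage_dds(text):
    """Return (category, detail) pairs; these are review prompts, not verdicts."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("BHO:") and line.endswith("- No File"):
            # CLSID registered as a Browser Helper Object with no file behind it.
            findings.append(("orphan_bho", line.split(":", 1)[1].rsplit(" - ", 1)[0].strip()))
        elif line.startswith("Trusted Zone:"):
            # Sites in IE's Trusted zone run with relaxed security settings.
            findings.append(("trusted_zone", line.split(":", 1)[1].strip()))
        elif "DhcpNameServer" in line:
            # A resolver outside private address space is the classic redirect tell.
            for server in line.split("=", 1)[1].split():
                if not ipaddress.ip_address(server).is_private:
                    findings.append(("public_dns", server))
        elif (m := DRIVER_RE.match(line)):
            if m.group(2).endswith("[?]"):
                # DDS could not read date/size for the registered driver image.
                findings.append(("unverified_driver", m.group(1)))
        elif (m := CREATED_RE.match(line)):
            path = m.group(1).lower()
            if path.startswith(DRIVERS_DIR):
                # Kernel driver written in the last 30 days: match it to a known vendor.
                findings.append(("new_driver", path))
    return findings
```

On the sample, the Trend Micro driver shows up under new_driver only because it is recent; the point of the pass is to shorten the list a human checks, not to replace that check.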


#2 crkirst (New Member; Group: Members; Posts: 2; Joined: 21-June 11)

Posted 22 June 2011 - 03:47 PM

I was able to fix this myself and get rid of the Volsnap.sys Rootkit infecting my laptop by installing Kaspersky Rescue Disk 10 to a USB flash drive and then booting to the USB drive. I followed the directions in the link below to create the bootable USB drive. Thanks.

http://support.kaspersky.com/viruses/rescuedisk/main?qid=208282163

#3 SweetTech (Agent ST; Group: Malware Response Team; Posts: 12,662; Joined: 15-March 09; Gender: Male; Location: Antarctica)

Posted 24 June 2011 - 12:12 PM

As this issue appears to be resolved, this thread will now be closed.

Thread Closed.

Kindest Regards,
SweetTech.