Google Redirects

[neal246]

Hi!...Having some problems with google redirects. I have run MBAM and am still having the problem, any help you could give would be appreciated. MBAM and DDS Logs

Malwarebytes Anti-Malware (Trial) 1.60.0.1800

www.malwarebytes.org

Database version: v2012.01.11.06

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Neal :: NEAL-PC [administrator]

Protection: Enabled

1/11/2012 2:50:26 PM

mbam-log-2012-01-11 (14-50-26).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 429354

Time elapsed: 39 minute(s), 9 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Neal at 15:42:47 on 2012-01-11

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2812.1054 [GMT -7:00]

.

AV: avast! antivirus *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! antivirus *Enabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\Program Files\Sandboxie\SbieSvc.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Users\Neal\AppData\Local\TVersity\Media Server\MediaServer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files\TOSHIBA\TECO\TEco.exe

C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\PdaNet for Android\PdaNetPC.exe

C:\windows\system32\taskeng.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\windows\System32\ping.exe

C:\windows\system32\conhost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.yahoo.com

mStart Page = hxxp://www.yahoo.com

uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuz0.dll

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL

BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuz0.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll

TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuz0.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {BDE6F3A2-2CE8-4430-94E0-CD4CE39EEB0D} - No File

uRun: [MyTOSHIBA] "c:\program files\toshiba\my toshiba\MyToshiba.exe" /AUTO

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet

uRun: [search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Google Update] "c:\users\neal\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [sandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60

mRun: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe

mRun: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r

mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe

mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED

mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"

mRun: [masqform.exe] c:\program files\pureedge\viewer 6.5\masqform.exe -RunOnce

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [NetFxUpdate_v1.1.4322] "c:\windows\microsoft.net\framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11c_ActiveX.exe -update activex

StartupFolder: c:\users\neal\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\neal\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\users\neal\appdata\roaming\micros~1\windows\startm~1\programs\startup\pdanet~1.lnk - c:\program files\pdanet for android\PdaNetPC.exe

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab

DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

TCP: DhcpNameServer = 10.10.1.1

TCP: Interfaces\{4AC3AED1-42DF-456B-B413-8B506665CD35} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F123A943-0CED-4987-B703-C39525EB14C6} : DhcpNameServer = 10.10.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\ievony\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\neal\appdata\roaming\mozilla\firefox\profiles\tlg3yo8q.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106518&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Tucows Downloads Customized Web Search

FF - prefs.js: browser.startup.homepage - about:home

FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\neal\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

.

============= SERVICES / DRIVERS ===============

.

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]

R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-12-2 7680]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-18 20464]

R3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2009-12-31 9472]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-12-2 187392]

R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2011-11-23 131856]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2009-12-31 31312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-12-2 171520]

S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [2010-1-6 57856]

S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\drivers\tapoas.sys [2011-8-19 26112]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-20 52224]

S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]

.

=============== Created Last 30 ================

.

2012-01-11 01:54:59 -------- d-----w- c:\users\neal\appdata\local\{4851499F-3841-4687-9B4A-B2062E3BB98A}

2012-01-11 01:54:49 -------- d-----w- c:\users\neal\appdata\local\{662458D7-B2E1-4BF9-8AC3-63D2FC500F48}

2012-01-09 16:35:40 -------- d-----w- c:\users\neal\appdata\local\{7718C27D-9A3A-4DF8-B1BC-8C57F24F22C9}

2012-01-09 16:35:28 -------- d-----w- c:\users\neal\appdata\local\{37C2E265-2520-4B1C-950A-7535E4D290F2}

2012-01-08 18:37:31 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll

2012-01-08 18:37:31 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll

2012-01-08 18:37:31 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll

2012-01-08 18:37:31 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll

2012-01-06 16:31:53 -------- d-----w- c:\users\neal\appdata\local\{74E097F6-F601-4126-B2C3-FFD59E8BFC95}

2012-01-06 16:31:41 -------- d-----w- c:\users\neal\appdata\local\{2F37DCF8-9A1B-49A3-BA18-8EF8B3CD9E9E}

2012-01-05 00:41:07 -------- d-----r- C:\Sandbox

2012-01-05 00:17:21 -------- d-----w- c:\program files\Sandboxie

2012-01-04 23:51:34 -------- d-----w- c:\users\neal\appdata\local\{FB53A7A4-09A6-40AC-8C04-7280B4125E17}

2012-01-04 23:51:23 -------- d-----w- c:\users\neal\appdata\local\{4F6BEE07-0824-4A57-888B-885ABD75EB1A}

2012-01-04 23:27:19 -------- d-----w- c:\users\neal\appdata\local\{FEEF7D04-97F4-49B0-92DE-C1886E1C86ED}

2012-01-04 23:21:54 -------- d-----w- c:\users\neal\appdata\local\{59A17242-4B79-47C4-9E93-0BCA156FB863}

2012-01-04 01:29:32 -------- d-----w- c:\users\neal\appdata\local\{E817A480-F108-4109-9DC9-5E65EBC7722B}

2012-01-02 21:03:51 -------- d-----w- c:\users\neal\appdata\local\{FC44B027-B734-45BA-9741-27F27E216DBA}

2012-01-02 21:03:37 -------- d-----w- c:\users\neal\appdata\local\{6BB4AF14-9C8A-447F-BA03-1BD5F420209D}

2012-01-01 21:02:34 -------- d-----w- c:\users\neal\appdata\local\{3F014913-C28D-401A-B1BE-11D82CD1FA71}

2011-12-30 16:41:19 -------- d-----w- c:\users\neal\appdata\local\{B9709139-E5EA-4015-B847-BF5F8AACF993}

2011-12-30 04:40:41 -------- d-----w- c:\users\neal\appdata\local\{82078CD4-FD07-488E-9204-3277EBF0E4E5}

2011-12-29 16:40:04 -------- d-----w- c:\users\neal\appdata\local\{13C9FFED-EAF7-457C-BBCB-5AEFC4872FAF}

2011-12-29 03:05:12 -------- d-----w- c:\users\neal\appdata\local\{70E01D46-520B-4B00-84A8-E9397352F926}

2011-12-28 02:22:01 -------- d-----w- c:\users\neal\appdata\local\{9AB98165-9277-41C1-9894-1E25D47FF5AB}

2011-12-28 02:21:46 -------- d-----w- c:\users\neal\appdata\local\{954D5742-B3B8-4C20-9EEA-5ACB8A729B49}

2011-12-26 16:52:37 -------- d-----w- c:\users\neal\appdata\local\{5EEAD516-15A8-4458-9D99-B7FA0180039F}

2011-12-26 16:52:24 -------- d-----w- c:\users\neal\appdata\local\{15BC3E23-5D38-4F2D-8910-15C385773A7B}

2011-12-25 16:12:45 -------- d-----w- c:\users\neal\appdata\local\{BBEC6F7C-AAC6-41AA-8ED6-37F0F6B0446F}

2011-12-25 04:12:09 -------- d-----w- c:\users\neal\appdata\local\{F1080EA5-EEB6-478B-9314-7974FB5974BF}

2011-12-24 16:11:29 -------- d-----w- c:\users\neal\appdata\local\{A06A0661-0D16-4B43-A8DB-8F513FC34C3A}

2011-12-24 16:11:14 -------- d-----w- c:\users\neal\appdata\local\{75E53447-E19F-4916-B50B-F446AFCFB14C}

2011-12-24 01:03:33 -------- d-----w- c:\users\neal\appdata\local\{07D7DB6B-2585-427A-9B74-2399A0D9BE68}

2011-12-23 01:51:51 -------- d-----w- c:\users\neal\appdata\local\{4F03386B-F9E3-4412-9396-380ACAA45AF9}

2011-12-23 01:51:30 -------- d-----w- c:\users\neal\appdata\local\{EABA7FB4-59D6-473B-80D3-293D78960F0F}

2011-12-20 00:32:13 -------- d-----w- c:\users\neal\appdata\local\{8D3AC6ED-DCB9-4872-B8B0-D9B2D9B6CBB5}

2011-12-20 00:31:50 -------- d-----w- c:\users\neal\appdata\local\{CA79BB85-40AC-4572-8BD6-720D1BEEB8AC}

2011-12-19 02:33:47 -------- d-----w- c:\users\neal\appdata\local\{72686A22-92D5-4673-8892-CE66713FC0E9}

2011-12-15 22:02:44 -------- d-----w- c:\users\neal\appdata\local\{6A0829E2-62F9-4B99-A0AD-A6FD461A23BB}

2011-12-15 22:02:32 -------- d-----w- c:\users\neal\appdata\local\{E84C68D8-54A7-49DB-B555-EA2AA2CFCE2B}

2011-12-14 04:54:50 2342912 ----a-w- c:\windows\system32\win32k.sys

2011-12-14 04:54:48 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-14 04:54:43 534528 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 04:54:42 38912 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 04:54:40 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-14 04:54:40 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe

.

==================== Find3M ====================

.

2011-12-10 22:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-26 20:33:44 644400 ----a-w- c:\windows\system32\mscomct2.ocx

2011-11-10 22:07:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-30 15:43:36 152576 ----a-w- c:\windows\system32\msclmd.dll

.

============= FINISH: 15:44:07.20 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 12/30/2009 7:53:59 PM

System Uptime: 1/10/2012 9:24:03 AM (30 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: AMD Athlon II Dual-Core M300 | Socket S1G3 | 2000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 289 GiB total, 85.22 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP483: 12/22/2011 7:43:48 PM - Scheduled Checkpoint

RP484: 12/27/2011 9:39:41 PM - Installed Google SketchUp 8

RP485: 1/4/2012 4:54:43 PM - Removed ActivClient CAC 6.1 x86.

RP486: 1/4/2012 4:58:21 PM - Removed ActivClient CAC 6.1 x86.

RP487: 1/4/2012 4:58:48 PM - Removed ActivClient CAC 6.1 x86.

RP488: 1/4/2012 5:00:30 PM - Removed OpenVPN Connect

RP489: 1/4/2012 5:02:32 PM - Removed REA's TESTware

RP490: 1/4/2012 5:04:04 PM - Removed WinTin++

RP491: 1/6/2012 8:54:23 AM - Removed WinZip 15.0

.

==== Installed Programs ======================

.

7-Zip 9.20

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.1

Are You Smarter than a 5th Grader - Make the Grade

ATI Catalyst Install Manager

Bing Bar Platform

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CMUD 3.34

Compatibility Pack for the 2007 Office system

Coupon Printer for Windows

D3DX10

Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dropbox

ffdshow [rev 1723] [2007-12-24]

Flickr Downloadr

Google Chrome

Google Earth Plug-in

Google SketchUp 8

Google Toolbar for Internet Explorer

Google Update Helper

HP Photo Creations

HP Photosmart Plus B210 series Basic Device Software

HP Photosmart Plus B210 series Help

HP Photosmart Plus B210 series Product Improvement Study

HP Update

ImgBurn

Java 6 Update 14

Junk Mail filter update

Label@Once 1.0

Malwarebytes Anti-Malware version 1.60.0.1800

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Default Manager

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2010

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Mozilla Firefox 9.0.1 (x86 en-US)

MSVCRT

MyToshiba

NetZero Launcher

OGA Notifier 2.0.0048.0

Pando Media Booster

PdaNet for Android 2.16

PlayReady PC Runtime x86

PureEdge Viewer 6.5

Quickbooks Financial Center

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

Sandboxie 3.62 (32-bit)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Shipping Assistant 3.7

Skype Launcher

Synaptics Pointing Device Driver

Toshiba Application and Driver Installer

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA DVD PLAYER

TOSHIBA eco Utility

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Online Backup

TOSHIBA PC Health Monitor

Toshiba Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA Service Station

TOSHIBA Speech System Applications

TOSHIBA Speech System SR Engine(U.S.) Version1.0

TOSHIBA Speech System TTS Engine(U.S.) Version1.0

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

ToshibaRegistration

TVersity Codec Pack 1.2

TVersity Media Server Pro 1.8 Beta

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

VLC media player 1.1.4

Vuze

Vuze Remote Toolbar

WildTangent Games

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WModem Driver Installer

Yahoo! Messenger

Yahoo! Search Protection

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

1/9/2012 9:34:48 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

1/9/2012 9:34:45 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

1/9/2012 9:34:45 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

1/9/2012 9:34:35 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter

1/9/2012 9:30:56 AM, Error: Service Control Manager [7034] - The TVersityMediaServer service terminated unexpectedly. It has done this 1 time(s).

1/9/2012 8:10:54 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.

1/9/2012 8:10:54 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

1/11/2012 4:29:29 AM, Error: atikmdag [43029] - Display is not active

1/11/2012 3:43:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache service.

1/11/2012 3:43:18 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.

1/11/2012 3:35:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.

1/11/2012 3:35:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SSDPSRV service.

1/11/2012 3:34:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SCardSvr service.

1/11/2012 3:34:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Mcx2Svc service.

1/11/2012 12:29:31 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.

.

==== End Of File ===========================

[screen317]

Hi and welcome to Malwarebytes.

Please see:

HijackThis Forum Policy

We will not assist users that are obviously using illegal software.

If any such evidence is found you will be given the benefit of the doubt and the opportunity to completely uninstall and delete any such data from your system.

During the scanning process if any further evidence shows up your topic will be closed and no further assistance will be provided.

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

It's likely why your issue began in the first place.

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!