Continued Problems after virus removal

[tankyb]

Well, once again my shared laptop has been given a virus...and attempts to fix it before I got home may have made it worse. I have run Malwarebytes, and it has detected and removed 4 or 5 things each the last few days. It appears fixed, but still doesn't seem quite right, so I'm hoping someone can help me finish the removal or make sure it's clean.

At one point, Google was being redirected; Today: explorer keeps having trouble, closing and restarting itself.

[tankyb]

Well, once again my shared laptop has been given a virus...and attempts to fix it before I got home may have made it worse. I have run Malwarebytes, and it has detected and removed 4 or 5 things each the last few days. It appears fixed, but still doesn't seem quite right, so I'm hoping someone can help me finish the removal or make sure it's clean.

At one point, Google was being redirected; Today: explorer keeps having trouble, closing and restarting itself.

ok...guess I'm supposed to copy/paste instead of attach....so this is what I've got:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by owner at 11:59:23 on 2011-10-31

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.4154 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\wbctlvga.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\wbctlvga.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\explorer.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\REGSVR32.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = https://www.google.com/

uDefault_Page_URL = hxxp://asus.msn.com

mDefault_Page_URL = hxxp://www.yahoo.com

mStart Page = hxxp://www.yahoo.com

uInternet Settings,ProxyOverride = *.local

BHO: MRI_DISABLED - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB: {981E53BA-6DF4-4D99-8C33-6C398F5C139E} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

Trusted Zone: cinemanow.com

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} - hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

TCP: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3

TCP: Interfaces\{A5D50C0F-E311-4694-973C-4729818E43F3} : DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3

TCP: Interfaces\{A5D50C0F-E311-4694-973C-4729818E43F3}\74C6F62616C6D456564796E6762475962756C6563737 : DhcpNameServer = 4.2.2.1

TCP: Interfaces\{A5D50C0F-E311-4694-973C-4729818E43F3}\86F6C69646169713 : DhcpNameServer = 10.0.1.1

TCP: Interfaces\{A5D50C0F-E311-4694-973C-4729818E43F3}\86F6D656 : DhcpNameServer = 69.6.190.10 69.6.190.11

TCP: Interfaces\{A5D50C0F-E311-4694-973C-4729818E43F3}\E4544574541425 : DhcpNameServer = 192.168.1.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: MRI_DISABLED - No File

BHO-X64: AcroIEHelperStub - No File

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO-X64: Canon Easy-WebPrint EX BHO - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

TB-X64: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB-X64: {981E53BA-6DF4-4D99-8C33-6C398F5C139E} - No File

TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

.

============= SERVICES / DRIVERS ===============

.

R1 EIO64;EIO Driver;C:\Windows\system32\DRIVERS\EIO64.sys --> C:\Windows\system32\DRIVERS\EIO64.sys [?]

R1 sbtis;sbtis;C:\Windows\system32\drivers\sbtis.sys --> C:\Windows\system32\drivers\sbtis.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-11-9 14904]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2009-6-11 127352]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-29 366152]

R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [2009-11-9 44312]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]

R2 WBVGAservice;WB VGA Service;C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe [2009-11-9 72248]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 RRNetCapMP;RRNetCapMP;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-7 135664]

S2 rbmouse;Rocketfish Mouse Suite Driver;C:\Windows\system32\DRIVERS\rbmouse.sys --> C:\Windows\system32\DRIVERS\rbmouse.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-9 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-9 79360]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-7 135664]

S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\system32\DRIVERS\lvpopf64.sys --> C:\Windows\system32\DRIVERS\lvpopf64.sys [?]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;QuickCam for Notebooks Deluxe(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 rbbtm;Rocketfish BT Mouse Filter Driver;C:\Windows\system32\DRIVERS\rbbtm.sys --> C:\Windows\system32\DRIVERS\rbbtm.sys [?]

S3 RRNetCap;RRNetCap Service;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

.

=============== Created Last 30 ================

.

2011-10-31 14:32:08 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D4F88F18-2DDA-427B-B2CA-E504AD383ED9}\offreg.dll

2011-10-31 13:26:58 -------- d-----w- C:\ProgramData\Premium

2011-10-31 13:26:56 -------- d-----w- C:\ProgramData\InstallMate

2011-10-31 01:17:01 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer

2011-10-31 01:16:47 -------- d-----w- C:\Program Files (x86)\The Extractor

2011-10-28 12:42:20 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D4F88F18-2DDA-427B-B2CA-E504AD383ED9}\mpengine.dll

2011-10-21 23:56:31 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2011-10-19 18:23:01 -------- d-----w- C:\Users\owner\AppData\Local\{D84F9B3B-F31B-4A67-839B-01921FDAC2F9}

2011-10-19 18:22:50 -------- d-----w- C:\Users\owner\AppData\Local\{3027C349-5DDE-4C01-9FBE-1C4FD0094DB9}

2011-10-19 15:30:45 -------- d-----w- C:\Users\owner\AppData\Local\{02E201E2-E84F-4543-A6A7-6EB55AC1C409}

2011-10-19 14:18:00 -------- d-----w- C:\Program Files\iPod

2011-10-19 14:17:59 -------- d-----w- C:\Program Files\iTunes

2011-10-19 14:17:59 -------- d-----w- C:\Program Files (x86)\iTunes

2011-10-19 14:15:58 -------- d-----w- C:\Program Files\Bonjour

2011-10-19 14:15:58 -------- d-----w- C:\Program Files (x86)\Bonjour

2011-10-18 18:32:38 -------- d-----w- C:\Program Files (x86)\Sony

2011-10-18 18:31:45 -------- d-----w- C:\Users\owner\AppData\Local\{B8FEF357-EA4C-45C4-8C5F-792EBF676EBF}

2011-10-18 18:31:20 -------- d-----w- C:\Users\owner\AppData\Local\{780B9801-76C0-4D6C-8D50-BEB082125F43}

2011-10-18 18:30:34 -------- d-----w- C:\Users\owner\AppData\Local\{FC49286B-8BE6-4709-B1F5-ED534F1D5D40}

2011-10-18 18:30:21 -------- d-----w- C:\Users\owner\AppData\Local\{B5C48DEB-CEF9-4411-BDD7-53ACC4593629}

2011-10-17 21:45:58 -------- d-----w- C:\Users\owner\AppData\Local\{ED4E4550-0E4F-4B3E-A9B2-4FF1B2B6407C}

2011-10-17 21:45:46 -------- d-----w- C:\Users\owner\AppData\Local\{74D9AF62-28F9-45C7-855A-11F1A15887D1}

2011-10-17 21:38:31 -------- d-----w- C:\Users\owner\AppData\Local\{FDAE98B7-7CD8-4C66-AF67-A125D3E26DC3}

2011-10-17 21:38:17 -------- d-----w- C:\Users\owner\AppData\Local\{FFF09E41-8295-4D98-84F1-7AF24F9E17B8}

2011-10-12 15:00:01 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-10-12 15:00:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-10-12 15:00:01 174368 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll

2011-10-12 15:00:01 141088 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll

2011-10-12 15:00:00 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll

2011-10-12 14:05:37 3138048 ----a-w- C:\Windows\System32\win32k.sys

2011-10-12 14:05:36 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2011-10-12 14:05:36 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2011-10-12 14:05:36 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-10-12 14:05:36 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2011-10-12 14:05:29 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-10-12 14:05:29 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-10-12 14:05:29 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-10-12 14:05:29 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-10-10 14:52:50 -------- d-----w- C:\Users\owner\AppData\Local\{9568C142-5F19-4D0D-AFBE-694076242D1F}

2011-10-07 19:23:46 -------- d-----w- C:\Users\owner\AppData\Local\{7026DB1D-2AFD-456E-83EF-008EC279C99B}

2011-10-07 19:23:35 -------- d-----w- C:\Users\owner\AppData\Local\{FBF67EA5-2152-48BB-AA28-DD3E918854FA}

2011-10-05 20:06:49 -------- d-----w- C:\Users\owner\AppData\Local\{2559FF10-A7B1-45E3-80F9-472D47B2ED26}

2011-10-05 20:06:38 -------- d-----w- C:\Users\owner\AppData\Local\{A576A0D7-2241-45A6-8DB7-E4AD5123DAF3}

2011-10-05 20:03:45 -------- d-----w- C:\Users\owner\AppData\Local\{FF4A8EE2-5293-4CCE-A1E0-1D83974F4CD7}

2011-10-05 20:03:22 -------- d-----w- C:\Users\owner\AppData\Local\{37BF6F24-1E50-49E6-95A9-BD83E69A6E88}

2011-10-05 20:03:01 -------- d-----w- C:\Users\owner\AppData\Local\{1FB857E3-409E-4A3D-A49C-B3418D615E3F}

.

==================== Find3M ====================

.

2011-10-28 17:13:11 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-31 04:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe

2011-08-31 04:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll

2011-08-31 04:05:32 61288 ----a-w- C:\Windows\System32\jdns_sd.dll

2011-08-31 04:05:32 212840 ----a-w- C:\Windows\System32\dnssdX.dll

2011-08-31 04:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe

2011-08-31 04:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll

2011-08-31 04:05:04 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll

2011-08-31 04:05:04 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll

.

============= FINISH: 12:07:21.64 ===============

[tankyb]

Hellooooooooooooooo.....

So much for damsel in distress n such. Please help...my lappy is acting worse and worse...running some kind of program in background now and just now started playing music after log-in and before I even touched anything.

Is there someone who can PLEASE help me...typically malwarebytes protects/saves me from all of this, but this time....I'm drowning in ick

Any help at all is appreciated....part time yoga instructors don't make much and I don't wanna have to go to geek squad...ugh.

[tankyb]

Well, since it seems that no one on this forum would/could help me, I worked for hours yesterday and finally got my redirect virus off and got computer completely cleaned using hitman pro and deleting, reinstalling adobe. Malwarebytes (which I pay for...and have depended on for years) never could find this problem . I guess you can close this post.

[screen317]

Hi and welcome to Malwarebyes.

Bumping your topic makes it seem like you are already being helped, and as you've noticed, you were overlooked because of it. That isn't our fault.

Do you still need help??

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!