Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google redirect to Scour

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Google redirect to Scour

Unread postby Duxdad » June 23rd, 2011, 2:39 pm

Malwarebytes finds nothing, TDSS will not run even when renamed. Any help will be appreciated.
Thanks

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Jim and Cath at 14:28:23 on 2011-06-20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1070 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-8cb0-ab60bb9aae22} - c:\progra~1\vol_to~1\VOL_TO~1.DLL
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Norton Safe Web Lite BHO: {f0da78e9-6b60-42fb-bc26-ef2cfb8c8ff3} - c:\program files\norton safe web lite\engine\1.2.0.6\coIEPlg.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-8cb0-ab60bb9aae22} - c:\progra~1\vol_to~1\VOL_TO~1.DLL
TB: Norton Safe Web Lite: {30ceeea2-3742-40e4-85dd-812bf1cbb83d} - c:\program files\norton safe web lite\engine\1.2.0.6\coIEPlg.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [\\http://192.168.2.1:1631\My_Printer] c:\windows\system32\spool\drivers\w32x86\3\e_fatiaca.exe /p36 "\\http://192.168.2.1:1631\My_Printer" /O43 "http://192.168.2.1:1631/printers/My_Printer" /M "Stylus CX3800"
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [USRobotics Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemydsl.verizon.net/sdcCo ... gctlcm.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 7288461265
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 71.243.0.12
TCP: Interfaces\{13DE8172-A76E-4670-9BD5-332C9C1A02D5} : DhcpNameServer = 192.168.1.1 71.243.0.12
TCP: Interfaces\{602C8BCB-ABFF-4EAF-BE10-77DDDB34C052} : DhcpNameServer = 192.168.1.1 71.243.0.12
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-6-5 13496]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R1 MpKsl4705a2ec;MpKsl4705a2ec;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41a33c44-d357-4461-a1c2-ca384b63838f}\MpKsl4705a2ec.sys [2011-6-20 28752]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2010-10-13 98304]
R2 NSL;Norton Safe Web Lite;c:\program files\norton safe web lite\engine\1.2.0.6\ccSvcHst.exe [2011-6-6 130000]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-3-31 211200]
S1 MpKslad42693b;MpKslad42693b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c807f935-9763-4bc2-bb8b-257ae7a37c6d}\mpkslad42693b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c807f935-9763-4bc2-bb8b-257ae7a37c6d}\MpKslad42693b.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2005-8-9 14336]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2011-6-5 606056]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2005-8-9 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-06-20 18:13:32 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41a33c44-d357-4461-a1c2-ca384b63838f}\MpKsl4705a2ec.sys
2011-06-20 00:47:41 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41a33c44-d357-4461-a1c2-ca384b63838f}\mpengine.dll
2011-06-15 20:50:26 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-15 16:45:56 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-06-10 16:42:48 1409 ----a-w- c:\windows\QTFont.for
2011-06-08 00:59:13 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-08 00:59:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-08 00:41:49 -------- d-----w- c:\program files\common files\L&H
2011-06-08 00:33:40 -------- d-----w- C:\Utils
2011-06-07 00:16:10 -------- d-----w- c:\windows\system32\drivers\nst\0102000.006
2011-06-07 00:16:10 -------- d-----w- c:\windows\system32\drivers\NST
2011-06-07 00:16:09 -------- d-----w- c:\program files\Norton Safe Web Lite
2011-06-07 00:16:09 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-06-07 00:15:31 -------- d-----w- c:\program files\NortonInstaller
2011-06-07 00:15:30 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-06-06 20:37:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 20:20:11 -------- d-----w- c:\documents and settings\jim and cath\application data\Windows Search
2011-06-06 20:09:05 700416 ----a-w- c:\windows\system32\BCMLogon.dll
2011-06-06 19:52:50 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-06-06 19:16:32 -------- d-----w- c:\windows\system32\winrm
2011-06-06 19:16:22 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-06-06 19:11:29 -------- d-----w- c:\documents and settings\jim and cath\local settings\application data\Identities
2011-06-06 19:11:21 -------- d-----w- c:\documents and settings\jim and cath\application data\Windows Desktop Search
2011-06-06 19:10:18 -------- d-----w- c:\program files\Windows Desktop Search
2011-06-06 19:10:17 -------- d-----w- c:\windows\system32\GroupPolicy
2011-06-06 19:06:42 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2011-06-06 19:06:42 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2011-06-06 19:06:42 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2011-06-06 19:06:01 -------- d-----w- c:\program files\Windows Media Connect 2
2011-06-06 19:03:55 -------- d-----w- c:\windows\system32\LogFiles
2011-06-06 18:58:06 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-06-06 15:20:38 -------- d-----w- c:\windows\pss
2011-06-06 06:08:07 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-06-06 00:53:32 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-06-05 23:01:22 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-06-05 22:44:23 -------- d-----w- c:\program files\Microsoft Security Client
2011-06-05 06:19:26 29520 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-06-05 06:19:18 -------- d-----w- c:\documents and settings\jim and cath\application data\IObit
2011-06-05 06:19:12 13496 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-06-05 06:17:26 -------- d-----w- c:\program files\IObit
2011-06-05 05:45:29 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-05 05:30:25 -------- d-----w- c:\program files\CCleaner
2011-06-05 04:49:08 606056 ----a-w- c:\windows\system32\drivers\RTL8192su.sys
2011-06-05 04:06:12 -------- d-sh--w- c:\documents and settings\jim and cath\IECompatCache
2011-06-05 03:54:44 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-06-05 03:54:44 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-04 15:15:33 -------- d-----w- c:\documents and settings\jim and cath\application data\Malwarebytes
2011-06-04 15:15:06 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-06-04 15:15:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-28 00:25:12 -------- d-----w- c:\documents and settings\jim and cath\local settings\application data\Adobe
.
==================== Find3M ====================
.
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11:11 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11:11 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:22 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
============= FINISH: 14:29:39.09 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2006 7:51:36 PM
System Uptime: 6/20/2011 2:12:54 PM (0 hours ago)
.
Motherboard: TOSHIBA | | Satellite L25
Processor: Intel(R) Celeron(R) M processor 1.40GHz | U23 | 1396/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 37 GiB total, 17.646 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP625: 4/17/2011 1:30:43 PM - System Checkpoint
RP626: 4/19/2011 11:41:59 AM - System Checkpoint
RP627: 4/20/2011 12:41:13 PM - System Checkpoint
RP628: 4/21/2011 1:42:13 PM - System Checkpoint
RP629: 4/22/2011 2:12:35 PM - System Checkpoint
RP630: 4/23/2011 2:58:06 PM - System Checkpoint
RP631: 4/25/2011 9:57:42 PM - System Checkpoint
RP632: 4/26/2011 10:10:18 PM - System Checkpoint
RP633: 4/27/2011 10:19:25 PM - Software Distribution Service 3.0
RP634: 4/28/2011 10:58:51 PM - System Checkpoint
RP635: 5/6/2011 8:17:38 AM - System Checkpoint
RP636: 5/7/2011 12:39:09 PM - System Checkpoint
RP637: 5/8/2011 2:39:50 PM - System Checkpoint
RP638: 5/9/2011 8:42:47 PM - System Checkpoint
RP639: 5/10/2011 9:10:33 PM - System Checkpoint
RP640: 5/11/2011 2:04:36 PM - Software Distribution Service 3.0
RP641: 5/12/2011 5:33:16 PM - System Checkpoint
RP642: 5/13/2011 5:34:01 PM - System Checkpoint
RP643: 5/14/2011 6:17:58 PM - System Checkpoint
RP644: 5/15/2011 8:29:08 PM - System Checkpoint
RP645: 5/16/2011 9:36:28 PM - System Checkpoint
RP646: 5/17/2011 10:03:44 PM - System Checkpoint
RP647: 5/18/2011 10:10:17 PM - System Checkpoint
RP648: 5/20/2011 8:17:32 AM - System Checkpoint
RP649: 5/21/2011 8:32:01 AM - System Checkpoint
RP650: 5/22/2011 9:15:34 AM - System Checkpoint
RP651: 5/23/2011 10:31:54 AM - System Checkpoint
RP652: 5/24/2011 10:34:28 AM - System Checkpoint
RP653: 5/25/2011 2:11:30 PM - System Checkpoint
RP654: 5/26/2011 8:41:49 PM - System Checkpoint
RP655: 5/27/2011 8:42:40 PM - Installed Adobe Reader X (10.0.1).
RP656: 6/4/2011 6:26:25 PM - System Checkpoint
RP657: 6/4/2011 11:47:20 PM - Restore Operation
RP658: 6/5/2011 12:55:06 AM - Configured Toshiba Utility
RP659: 6/5/2011 1:12:31 AM - Removed ConfigFree
RP660: 6/5/2011 1:12:43 AM - Removed ConfigFree
RP661: 6/5/2011 3:01:55 AM - Software Distribution Service 3.0
RP662: 6/5/2011 8:48:28 PM - Software Distribution Service 3.0
RP663: 6/6/2011 10:38:57 AM - Software Distribution Service 3.0
RP664: 6/6/2011 10:46:24 AM - Software Distribution Service 3.0
RP665: 6/6/2011 11:25:07 AM - Software Distribution Service 3.0
RP666: 6/6/2011 3:02:50 PM - Software Distribution Service 3.0
RP667: 6/6/2011 4:00:31 PM - Software Distribution Service 3.0
RP668: 6/6/2011 4:16:12 PM - Software Distribution Service 3.0
RP669: 6/7/2011 8:39:22 PM - Installed Microsoft Office Professional Edition 2003
RP670: 6/7/2011 8:54:51 PM - Installed Adobe Reader X (10.0.1).
RP671: 6/7/2011 8:58:45 PM - Installed Java(TM) 6 Update 26
RP672: 6/7/2011 9:13:49 PM - Software Distribution Service 3.0
RP673: 6/7/2011 9:25:31 PM - Software Distribution Service 3.0
RP674: 6/10/2011 11:08:30 AM - Software Distribution Service 3.0
RP675: 6/11/2011 9:20:11 AM - Software Distribution Service 3.0
RP676: 6/12/2011 8:45:13 AM - Software Distribution Service 3.0
RP677: 6/13/2011 12:08:54 PM - Software Distribution Service 3.0
RP678: 6/14/2011 9:26:26 AM - Software Distribution Service 3.0
RP679: 6/15/2011 11:08:11 AM - Software Distribution Service 3.0
RP680: 6/15/2011 4:47:44 PM - Software Distribution Service 3.0
RP681: 6/15/2011 11:23:38 PM - Software Distribution Service 3.0
RP682: 6/16/2011 9:14:02 AM - Software Distribution Service 3.0
RP683: 6/17/2011 9:45:43 AM - System Checkpoint
RP684: 6/17/2011 9:03:38 PM - Software Distribution Service 3.0
RP685: 6/19/2011 8:47:35 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
AC97 Data Fax SoftModem with SmartCP
Adobe Acrobat 5.0
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.0.1)
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Spyware Protection
AOL You've Got Pictures Screensaver
ArcSoft Panorama Maker 5
ArcSoft PhotoImpression 5
ArcSoft Software Suite
AT&T Connection Services Manager
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
CCleaner
CD/DVD Drive Acoustic Silencer
Cda Product Service - shared component
Conexant AC-Link Audio
DVD-RAM Driver
EPSON CX 3800 Guide
EPSON Printer Software
EPSON Scan
File Uploader
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IHA_MessageCenter
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 2
Java Auto Updater
Java(TM) 6 Update 26
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware version 1.51.0.1200
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office OneNote 2003
Microsoft Office Professional Edition 2003
Microsoft Office Standard Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyConnect Special Offer
Nikon Transfer
Norton Safe Web Lite
Notebook Maximizer
Pure Networks Port Magic
Quicken 2005
QuickTime
RealPlayer Basic
REALTEK Gigabit and Fast Ethernet NIC Driver
Security Advisor
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag 2
Sonic DLA
Sonic RecordNow!
Synaptics Pointing Device Driver
TOSHIBA Assist
Toshiba Hotkey Utility
TOSHIBA PC Diagnostic Tool
Toshiba Q4 Retail Demo ScreenSaver
Toshiba Registration
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
Toshiba Tbiosdrv Driver
Toshiba Touchpad Utility
TOSHIBA Zooming Utility
Touch and Launch
U.S. Robotics Wireless MAXg Adapter
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Broadband Toolbar
Verizon Help and Support Tool
Verizon Servicepoint 1.5.20
Viewpoint Media Player
Vz In Home Agent
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Yahoo! Music Engine
.
==== Event Viewer Messages From Past Week ========
.
6/20/2011 2:10:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
6/20/2011 2:10:37 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
6/20/2011 2:10:30 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/20/2011 2:02:28 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
6/20/2011 2:02:28 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
6/20/2011 2:02:28 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/20/2011 2:02:28 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/20/2011 2:02:28 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
6/20/2011 10:50:57 AM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00C049FCAFDB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/15/2011 10:57:59 AM, error: Service Control Manager [7022] - The IHA_MessageCenter service hung on starting.
6/13/2011 11:58:12 AM, error: Print [19] - Sharing printer failed + 1722, Printer EPSON Stylus CX3800 Series share name EPSONSty.
.
==== End Of File ===========================
Duxdad
Active Member
 
Posts: 1
Joined: June 23rd, 2011, 2:26 pm
Advertisement
Register to Remove

Re: Google redirect to Scour

Unread postby melboy » June 24th, 2011, 5:43 pm

Hi and welcome to the MR forums. :)

I'm melboy and I am going to try to help you with your problem. Please take note of the following:

  1. I will be working on your Malware issues this may or may not solve other issues you have with your machine.
  2. The fixes are specific to your problem and should only be used for this issue on this machine.
  3. If you don't know or understand something, please don't hesitate to ask.
  4. Please refrain from making any further changes to your computer (Install/Uninstall programs, delete files, edit the registry, etc...)
  5. Please DO NOT run any other tools or scans whilst I am helping you.
  6. It is important that you reply to this thread. Do not start a new topic.
  7. DO NOT attach logs unless requested to. Please copy/paste all requested logs into your replies.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Absence of symptoms does not mean that everything is clear.


NOTE: Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.


IMPORTANT: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.



No Reply Within 3 Days Will Result In Your Topic Being Closed!! If you need more time, please inform me.


================================================



Rootkit Unhooker

Download Rootkit Unhooker Save it to your desktop.

  • Double click RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth. uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. (eg. desktop) then Click Close.
  • Copy the entire contents of the report and paste it in a reply here.

Note** you may get the following warning, just click OK and continue.
"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


Note: Do not run any programs while RKUnHooker is running.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Google redirect to Scour

Unread postby melboy » June 26th, 2011, 5:30 pm

Hi Duxdad

It has been two days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • According to Malware Removal's latest policy, topics can be closed after 3 days without a response. If you do not reply within the next 24 hours, this topic will be closed.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Google redirect to Scour

Unread postby NonSuch » June 27th, 2011, 6:09 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 11 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware