BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Google Redirect - Need Help Please
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Google Redirect - Need Help Please  
Forum Quick Jump
 
New Topic Post reply to : Google Redirect - Need Help Please Printable version of : Google Redirect - Need Help Please
[ << Previous Thread | Next Thread >> ]

Tkkhen
New Member


Date Joined May 2010
Total Posts : 23
 
   Posted 7/19/2012 7:02 AM (GMT +3)    Quote: Google Redirect - Need Help PleaseAlert an admin about: Google Redirect - Need Help Please
My google is redirecting my search to some location rather then the searched website. Below is combofix:

ComboFix 12-07-18.04 - Administrator 07/18/2012 22:24:02.40.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1421 [GMT -5:00]
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFixNew.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-19 to 2012-07-19 )))))))))))))))))))))))))))))))
.
.
2012-07-19 03:04 . 2012-07-19 03:04 -------- d-----w- c:\windows\LastGood
2012-07-18 13:10 . 2012-07-18 13:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2012-07-18 04:53 . 2012-06-29 06:44 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5B1A007B-AC50-4270-839F-F5A38E90CC74}\mpengine.dll
2012-07-16 04:44 . 2012-06-18 08:14 6762896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-13 01:30 . 2011-03-15 19:32 406896 ----a-w- c:\windows\system32\dsNcSmartCardProv.dll
2012-07-13 01:30 . 2011-03-15 19:32 361840 ----a-w- c:\windows\system32\dsNcCredProv.dll
2012-07-13 01:30 . 2012-07-13 01:30 -------- d-----w- c:\program files\Juniper Networks
2012-07-09 23:11 . 2012-07-09 23:12 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-08 04:20 . 2012-07-08 04:20 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Apple Computer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 04:39 . 2012-04-13 16:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 04:39 . 2011-05-20 04:52 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19 . 2004-08-11 22:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-04-14 00:12 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-11 22:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-11 22:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 20:19 . 2007-07-31 00:18 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19 . 2004-08-11 22:12 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 20:19 . 2004-08-11 22:12 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19 . 2004-08-11 22:12 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 20:19 . 2007-07-31 00:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19 . 2004-08-11 22:12 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 20:19 . 2004-08-11 22:12 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 20:19 . 2004-08-11 22:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 20:19 . 2007-07-31 00:18 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:19 . 2004-08-11 22:12 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 20:19 . 2004-08-11 22:12 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 20:18 . 2008-12-15 22:14 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 20:18 . 2008-12-15 22:14 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 20:18 . 2008-07-19 04:07 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 17:25 . 2012-01-29 00:12 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-31 13:22 . 2004-08-11 22:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08 . 2004-08-11 22:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2004-08-11 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2004-08-11 22:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2004-08-11 22:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:16 . 2004-08-11 22:00 2148352 ------w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2004-08-04 03:59 2026496 ------w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2004-08-11 22:11 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-17 16:00 . 2012-06-17 16:00 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-19_01.50.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-19 02:12 . 2012-07-19 02:12 16384 c:\windows\temp\Perflib_Perfdata_2e4.dat
+ 2012-07-19 03:04 . 2011-09-13 12:30 32592 c:\windows\LastGood\system32\DRIVERS\avgrkx86.sys
+ 2012-07-19 03:04 . 2011-08-08 12:08 40016 c:\windows\LastGood\system32\DRIVERS\avgmfx86.sys
+ 2012-07-19 03:04 . 2011-10-04 12:21 16720 c:\windows\LastGood\system32\DRIVERS\AVGIDSShim.sys
+ 2012-07-19 03:04 . 2011-07-11 07:14 24272 c:\windows\LastGood\system32\DRIVERS\AVGIDSFilter.sys
+ 2012-07-19 03:04 . 2011-07-11 07:14 295248 c:\windows\LastGood\system32\DRIVERS\avgtdix.sys
+ 2012-07-19 03:04 . 2011-10-07 12:23 230608 c:\windows\LastGood\system32\DRIVERS\avgldx86.sys
+ 2012-07-19 03:04 . 2011-07-11 07:14 134608 c:\windows\LastGood\system32\DRIVERS\AVGIDSDriver.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-01-25 159744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-18 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-18 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-18 138008]
"SigmatelSysTrayApp"="stsystra.exe" [2007-02-19 303104]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-10-25 2220032]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"CarboniteSetupLite"="c:\program files\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 318096]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1850764082-1516836322-1438872087-4819\Scripts\Logon\0\0]
"Script"=content-filter-auth.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1850764082-1516836322-1438872087-4819\Scripts\Logon\1\0]
"Script"=UninstallDTS301.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
backup=c:\windows\pss\Secunia PSI Tray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2012-01-24 23:24 2416480 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-27 00:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-08 00:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 22:23 118784 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 01:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 14:00 1116920 ----a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-02-18 21:40 2012912 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [5/19/2010 8:29 PM 32008]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 10:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/17/2010 10:15 AM 66632]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [12/19/2006 2:21 PM 79432]
R2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [5/19/2010 8:29 PM 6393984]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [9/25/2009 11:32 PM 189736]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe [3/17/2010 2:55 PM 240816]
R2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [5/19/2010 8:29 PM 76696]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [1/10/2011 9:24 AM 399416]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [4/22/2011 7:21 AM 92592]
R3 NgLog;Aventail VPN Logging;c:\windows\system32\drivers\nglog.sys [3/17/2010 2:53 PM 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\drivers\ngvpn.sys [3/17/2010 2:54 PM 79944]
R3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [5/19/2010 8:29 PM 26096]
R3 SSLDrv;SSL-VPN NetExtender Adapter;c:\windows\system32\drivers\SSLDrv.sys [2/23/2009 4:55 PM 20504]
R4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys --> c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys --> c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys --> c:\windows\system32\DRIVERS\AVGIDSShim.Sys [?]
R4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys --> c:\windows\system32\DRIVERS\avgrkx86.sys [?]
R4 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys --> c:\windows\system32\DRIVERS\avgtdix.sys [?]
S0 ngbvsq;ngbvsq;c:\windows\system32\drivers\ymtt.sys --> c:\windows\system32\drivers\ymtt.sys [?]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [7/4/2012 5:25 PM 4433248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 7:09 AM 192776]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/26/2010 4:33 PM 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/13/2012 11:20 AM 250056]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/26/2010 4:33 PM 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/25/2012 6:08 AM 113120]
S3 NgFilter;Aventail VPN Filter;c:\windows\system32\drivers\ngfilter.sys [3/17/2010 2:55 PM 22600]
S3 NgWfp;Aventail VPN Callout;c:\windows\system32\drivers\ngwfp.sys [3/17/2010 2:55 PM 25160]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2/28/2009 12:31 PM 9472]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]
S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\DRIVERS\rcvpn.sys --> c:\windows\system32\DRIVERS\rcvpn.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 10:15 AM 12872]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [1/10/2011 9:24 AM 993848]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - Avgldx86
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 04:39]
.
2012-07-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-26 21:33]
.
2012-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-26 21:33]
.
2012-07-19 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 22:03]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
DPF: {1BBB8666-9AF7-41D8-BA00-302E36F0C0DE} - hxxp://192.168.12.9/file/ViewXCtrl-66.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\16mnymrc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B05b9f78d-04a3-4f49-a0eb-151a01b14bae%7D&mid=c5be527a725347d6ae07d168362c5f2e-25a8548043bfb0416e524ff7870c41c78b98d84a&ds=AVG&v=11.1.0.12&lang=en&pr=fr&d=2011-12-02%2012%3A16%3A47&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-18 22:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A8CF2E2
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3141101339-2074966332-4040367415-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,70,ac,e5,5f,87,46,8c,d1,44,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,70,ac,e5,5f,87,46,8c,d1,44,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,70,ac,e5,5f,87,46,8c,d1,44,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1620)
c:\windows\system32\WININET.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
- - - - - - - > 'lsass.exe'(1732)
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(2644)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-07-18 22:44:26
ComboFix-quarantined-files.txt 2012-07-19 03:44
ComboFix2.txt 2012-07-19 02:02
ComboFix3.txt 2012-02-13 23:53
ComboFix4.txt 2012-01-22 18:38
ComboFix5.txt 2012-07-19 03:20
.
Pre-Run: 8,821,608,448 bytes free
Post-Run: 8,808,038,400 bytes free
.
- - End Of File - - 72578FC726D8BFE17957DB099A979C8A
Back to Top
 
New Topic Post reply to : Google Redirect - Need Help Please Printable version of : Google Redirect - Need Help Please
 
Forum Information
Currently it is Tuesday, July 29, 2014 11:42 AM (GMT +3)
There are a total of 60,529 posts in 13,304 threads.
In the last 3 days there were 1 new threads and 1 reply posts. View Active Threads
Who's Online
This forum has 36183 registered members. Please welcome our newest member, Hecate.
3 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Bullguard removes CODWAW.exe says its a trojen generic (1)7/26/2014 5:56:15 PM (Andreea-Luciana Ostache)