Google Redirect - Need Help Please

Posted 7/19/2012 4:02 AM
#94149

Tkkhen Valued member

Date Joined Nov 2016
Total Posts: 23
My Google is redirecting my search to some location rather than the searched website. Below is combofix:

ComboFix 12-07-18.04 - Administrator 07/18/2012 22:24:02.40.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1421 [GMT -5:00]
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFixNew.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-19 to 2012-07-19 )))))))))))))))))))))))))))))))
.
.
2012-07-19 03:04 . 2012-07-19 03:04 -------- d-----w- c:\windows\LastGood
2012-07-18 13:10 . 2012-07-18 13:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2012-07-18 04:53 . 2012-06-29 06:44 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5B1A007B-AC50-4270-839F-F5A38E90CC74}\mpengine.dll
2012-07-16 04:44 . 2012-06-18 08:14 6762896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-13 01:30 . 2011-03-15 19:32 406896 ----a-w- c:\windows\system32\dsNcSmartCardProv.dll
2012-07-13 01:30 . 2011-03-15 19:32 361840 ----a-w- c:\windows\system32\dsNcCredProv.dll
2012-07-13 01:30 . 2012-07-13 01:30 -------- d-----w- c:\program files\Juniper Networks
2012-07-09 23:11 . 2012-07-09 23:12 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-08 04:20 . 2012-07-08 04:20 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Apple Computer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 04:39 . 2012-04-13 16:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 04:39 . 2011-05-20 04:52 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19 . 2004-08-11 22:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-04-14 00:12 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-11 22:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-11 22:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 20:19 . 2007-07-31 00:18 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19 . 2004-08-11 22:12 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 20:19 . 2004-08-11 22:12 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19 . 2004-08-11 22:12 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 20:19 . 2007-07-31 00:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19 . 2004-08-11 22:12 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 20:19 . 2004-08-11 22:12 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 20:19 . 2004-08-11 22:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 20:19 . 2007-07-31 00:18 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:19 . 2004-08-11 22:12 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 20:19 . 2004-08-11 22:12 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 20:18 . 2008-12-15 22:14 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 20:18 . 2008-12-15 22:14 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 20:18 . 2008-07-19 04:07 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 17:25 . 2012-01-29 00:12 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-31 13:22 . 2004-08-11 22:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08 . 2004-08-11 22:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2004-08-11 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2004-08-11 22:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2004-08-11 22:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:16 . 2004-08-11 22:00 2148352 ------w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2004-08-04 03:59 2026496 ------w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2004-08-11 22:11 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-17 16:00 . 2012-06-17 16:00 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-19_01.50.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-19 02:12 . 2012-07-19 02:12 16384 c:\windows\temp\Perflib_Perfdata_2e4.dat
+ 2012-07-19 03:04 . 2011-09-13 12:30 32592 c:\windows\LastGood\system32\DRIVERS\avgrkx86.sys
+ 2012-07-19 03:04 . 2011-08-08 12:08 40016 c:\windows\LastGood\system32\DRIVERS\avgmfx86.sys
+ 2012-07-19 03:04 . 2011-10-04 12:21 16720 c:\windows\LastGood\system32\DRIVERS\AVGIDSShim.sys
+ 2012-07-19 03:04 . 2011-07-11 07:14 24272 c:\windows\LastGood\system32\DRIVERS\AVGIDSFilter.sys
+ 2012-07-19 03:04 . 2011-07-11 07:14 295248 c:\windows\LastGood\system32\DRIVERS\avgtdix.sys
+ 2012-07-19 03:04 . 2011-10-07 12:23 230608 c:\windows\LastGood\system32\DRIVERS\avgldx86.sys
+ 2012-07-19 03:04 . 2011-07-11 07:14 134608 c:\windows\LastGood\system32\DRIVERS\AVGIDSDriver.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-01-25 159744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-18 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-18 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-18 138008]
"SigmatelSysTrayApp"="stsystra.exe" [2007-02-19 303104]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-10-25 2220032]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"CarboniteSetupLite"="c:\program files\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 318096]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1850764082-1516836322-1438872087-4819\Scripts\Logon\0\0]
"Script"=content-filter-auth.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1850764082-1516836322-1438872087-4819\Scripts\Logon\1\0]
"Script"=UninstallDTS301.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
backup=c:\windows\pss\Secunia PSI Tray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2012-01-24 23:24 2416480 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-27 00:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-08 00:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 22:23 118784 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 01:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 14:00 1116920 ----a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-02-18 21:40 2012912 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [5/19/2010 8:29 PM 32008]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 10:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/17/2010 10:15 AM 66632]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [12/19/2006 2:21 PM 79432]
R2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [5/19/2010 8:29 PM 6393984]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [9/25/2009 11:32 PM 189736]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe [3/17/2010 2:55 PM 240816]
R2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [5/19/2010 8:29 PM 76696]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [1/10/2011 9:24 AM 399416]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [4/22/2011 7:21 AM 92592]
R3 NgLog;Aventail VPN Logging;c:\windows\system32\drivers\nglog.sys [3/17/2010 2:53 PM 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\drivers\ngvpn.sys [3/17/2010 2:54 PM 79944]
R3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [5/19/2010 8:29 PM 26096]
R3 SSLDrv;SSL-VPN NetExtender Adapter;c:\windows\system32\drivers\SSLDrv.sys [2/23/2009 4:55 PM 20504]
R4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys --> c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys --> c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys --> c:\windows\system32\DRIVERS\AVGIDSShim.Sys [?]
R4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys --> c:\windows\system32\DRIVERS\avgrkx86.sys [?]
R4 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys --> c:\windows\system32\DRIVERS\avgtdix.sys [?]
S0 ngbvsq;ngbvsq;c:\windows\system32\drivers\ymtt.sys --> c:\windows\system32\drivers\ymtt.sys [?]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [7/4/2012 5:25 PM 4433248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 7:09 AM 192776]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/26/2010 4:33 PM 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/13/2012 11:20 AM 250056]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/26/2010 4:33 PM 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/25/2012 6:08 AM 113120]
S3 NgFilter;Aventail VPN Filter;c:\windows\system32\drivers\ngfilter.sys [3/17/2010 2:55 PM 22600]
S3 NgWfp;Aventail VPN Callout;c:\windows\system32\drivers\ngwfp.sys [3/17/2010 2:55 PM 25160]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2/28/2009 12:31 PM 9472]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]
S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\DRIVERS\rcvpn.sys --> c:\windows\system32\DRIVERS\rcvpn.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 10:15 AM 12872]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [1/10/2011 9:24 AM 993848]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - Avgldx86
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 04:39]
.
2012-07-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-26 21:33]
.
2012-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-26 21:33]
.
2012-07-19 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 22:03]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
DPF: {1BBB8666-9AF7-41D8-BA00-302E36F0C0DE} - hxxp://192.168.12.9/file/ViewXCtrl-66.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\16mnymrc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B05b9f78d-04a3-4f49-a0eb-151a01b14bae%7D&mid=c5be527a725347d6ae07d168362c5f2e-25a8548043bfb0416e524ff7870c41c78b98d84a&ds=AVG&v=11.1.0.12&lang=en&pr=fr&d=2011-12-02%2012%3A16%3A47&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-18 22:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A8CF2E2
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3141101339-2074966332-4040367415-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,70,ac,e5,5f,87,46,8c,d1,44,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,70,ac,e5,5f,87,46,8c,d1,44,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,70,ac,e5,5f,87,46,8c,d1,44,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1620)
c:\windows\system32\WININET.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
- - - - - - - > 'lsass.exe'(1732)
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(2644)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-07-18 22:44:26
ComboFix-quarantined-files.txt 2012-07-19 03:44
ComboFix2.txt 2012-07-19 02:02
ComboFix3.txt 2012-02-13 23:53
ComboFix4.txt 2012-01-22 18:38
ComboFix5.txt 2012-07-19 03:20
.
Pre-Run: 8,821,608,448 bytes free
Post-Run: 8,808,038,400 bytes free
.
- - End Of File - - 72578FC726D8BFE17957DB099A979C8A