Search engine redirects to spam sites

fraudulent_miracle

Distinguished
Sep 21, 2006
4
0
18,510
Hello everyone,

As of yesterday, I've been having a problem with search queries in Google, Yahoo, Bing, etc. Any time I try to search, it redirects to some random malware/spam website. I'm not sure how to get rid of it; this is the first time I've been bugged by this. I thought it was perhaps a browser issue (using Chrome), so I used Google on Firefox and IE, and all of them yielded the same results. I did a whole system restore and it came back. I used various programs such as HijackThis and still have no solution yet. I'm wondering if any of you are having the same problem and what you are doing to alleviate, or much rather, eliminate the situation.


Here's what I'm running:
Windows 7 Home Premium 64-bit


fraudulent_miracle

Hi nikorr,

I've just completed the steps you suggested to me. However, the problem still exists! It doesn't take as long to load content and such, but using Google or any other search engine still redirects me. It's getting really frustrating. Is anyone else having a similar issue?

fraudulent_miracle

Deleting the temp files hasn't had any effect on the redirects. I'm looking over the .txt file from the ComboFix scan and I'm not entirely sure what I'm looking at within it. In the meantime, I'm updating everything from Windows Updates to other malware programs.

fraudulent_miracle

Hey nikorr,

ComboFix 11-10-18.01 - The Camamas 10/18/2011 2:46.2.1 - x64 NETWORK
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Launch Manager\LMworker.exe
c:\windows\SysWOW64\ping.exe
.
**************************************************************************
.
Completion time: 2011-10-18 02:56:48 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-18 09:56
ComboFix2.txt 2011-10-18 04:31
.
Pre-Run: 206,691,573,760 bytes free
Post-Run: 206,654,103,552 bytes free
.
- - End Of File - - D6EAF0398CBF975EAD088050DB4EFD84




Here's the txt file from the ComboFix scan:

Area51: I'll try that program out ASAP. Thanks for the suggestion, and I'll let you know the result. I appreciate all your help, guys :)
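A log like the one above is normally read by eye, line by line, for the handful of settings a search-redirect infection tends to change: auto-start entries and Browser Helper Objects loaded from somewhere other than the program directories, DNS servers that are not the LAN router, and a proxy or PAC file pushed into the browser. The script below is an added example, written for this page and not taken from the thread or from ComboFix, that parses those parts of a ComboFix log and applies that checklist. It runs on a constructed sample in ComboFix's layout (made-up names, CLSIDs and addresses, not the poster's log); the "trusted" install roots, the RFC 1918 test for a LAN resolver, and the reading of Firefox's network.proxy.type values are my assumptions.

```python
"""Added triage helper for a ComboFix log (not part of the thread or of
ComboFix): pulls out the entries a search-redirect infection usually
touches and applies a few heuristics. A hit is a lead to examine, not a
verdict."""
import ipaddress
import re

# Constructed sample in ComboFix's layout; the names, CLSIDs and addresses
# are made up and are not taken from the log posted in the thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}]
2010-04-08 05:00 750064 ----a-w- c:\program files (x86)\Vendor\Toolbar\toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66666666-7777-8888-9999-000000000000}]
2011-10-17 22:11 81920 ----a-w- c:\users\alice\AppData\Local\Temp\srchhlp.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-23 10134560]
"svchots"="c:\users\alice\AppData\Roaming\svchots.exe" [2011-10-17 4096]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW
mStart Page = hxxp://search.example.net/?q=
TCP: DhcpNameServer = 192.168.2.1
TCP: NameServer = 203.0.113.5
FF - prefs.js: network.proxy.type - 2
FF - prefs.js: network.proxy.autoconfig_url - hxxp://203.0.113.5/proxy.pac
"""

# Line shapes ComboFix uses for the pieces we care about.
PATH_RE = re.compile(r'[a-z]:\\[^\["]*?\.(?:exe|dll|ocx|sys)', re.I)
RUN_RE = re.compile(r'"([^"]+)"="([^"]+)"')
START_RE = re.compile(r"[um]Start Page = (\S+)")
DNS_RE = re.compile(r"TCP: .*?NameServer = (.+)")
FF_RE = re.compile(r"FF - prefs\.js: (\S+) - (.*)")

# Assumed "normal" install roots; anything auto-started from elsewhere
# (AppData, Temp, ProgramData, ...) is worth a second look.
TRUSTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_combofix(text):
    """Collect Run entries, BHO DLLs, start pages, DNS servers and Firefox prefs."""
    found = {"run": [], "bho": [], "start_pages": [], "dns": [], "ff_prefs": {}}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
            section = "bho" if "browser helper objects" in key else "run" if key.endswith("\\run") else None
            continue
        if line.startswith("---"):          # section banner: leave any registry block
            section = None
            continue
        if section == "bho":
            if m := PATH_RE.search(line):
                found["bho"].append(m.group(0).lower())
        elif section == "run":
            if m := RUN_RE.match(line):
                found["run"].append((m.group(1), m.group(2).lower()))
        elif m := START_RE.match(line):
            found["start_pages"].append(m.group(1))
        elif m := DNS_RE.match(line):
            found["dns"].extend(s for s in re.split(r"[\s,]+", m.group(1)) if s)
        elif m := FF_RE.match(line):
            found["ff_prefs"][m.group(1)] = m.group(2).strip()
    return found


def _is_lan(address):
    """True when the resolver sits in an RFC 1918 range (typically the router)."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)


def triage(found, allowed_dns=frozenset()):
    """Return (code, detail) pairs for the settings a redirect infection changes."""
    findings = []
    for path in found["bho"]:
        if not path.startswith(TRUSTED_ROOTS):
            findings.append(("bho_outside_program_files", path))
    for name, path in found["run"]:
        if not path.startswith(TRUSTED_ROOTS):
            findings.append(("run_outside_program_files", f"{name} = {path}"))
    for server in found["dns"]:
        # DHCP normally hands out the router; a resolver outside the LAN
        # should be one you recognize (pass it in allowed_dns).
        if server not in allowed_dns and not _is_lan(server):
            findings.append(("dns_server_not_lan_or_allowlisted", server))
    prefs = found["ff_prefs"]
    # 0 = no proxy, 5 = use system settings; anything else is Firefox-specific.
    if prefs.get("network.proxy.type", "0") not in ("0", "5"):
        findings.append(("firefox_proxy_enabled", prefs["network.proxy.type"]))
    if prefs.get("network.proxy.autoconfig_url"):
        findings.append(("firefox_pac_url", prefs["network.proxy.autoconfig_url"]))
    return findings


if __name__ == "__main__":
    parsed = parse_combofix(SAMPLE_LOG)
    print("start pages:", parsed["start_pages"])
    for code, detail in triage(parsed):
        print(f"{code:40} {detail}")
```

Two caveats when using this on a real log. A DNS server inside the LAN only means the PC is asking the router; if the router's own upstream DNS has been changed, every machine on the network redirects and the ComboFix log looks clean, so check the router's WAN DNS settings as well. And the hosts file is not covered by these sections, so compare C:\Windows\System32\drivers\etc\hosts against a known-good copy separately.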