Jump to content

Google redirct Virus


Recommended Posts

I believe my pc has a virus. Using IE Google bagan automatically redirecting to google.de about 2 weeks ago. Now my homepage tells me I have no internet connection, when in fact I do. If you manually type a website it works but any search yields the same internet connection issue. I have tried running anitmalware with no luck. I ran combo fix and here are the results. Thanks for your help in adavance.

ComboFix 09-10-01.01 - Administrator 10/01/2009 19:19.3.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2018.1497 [GMT -4:00]

Running from: c:\combo-fix\Combo-Fix.exe

.

((((((((((((((((((((((((( Files Created from 2009-09-01 to 2009-10-01 )))))))))))))))))))))))))))))))

.

2009-09-25 21:10 . 2009-09-25 21:10 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2009-09-23 21:09 . 2009-09-23 21:10 -------- dc-h--w- c:\windows\ie8

2009-09-23 21:08 . 2009-07-03 17:09 12800 ------w- c:\windows\system32\dllcache\xpshims.dll

2009-09-23 21:08 . 2009-07-03 17:09 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll

2009-09-23 19:32 . 2009-09-23 19:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\Yahoo!

2009-09-09 19:47 . 2009-09-09 19:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2009-09-09 19:47 . 2009-09-09 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-09-09 18:12 . 2009-10-01 22:32 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-09-09 16:07 . 2009-09-09 19:54 -------- d-sh--w- c:\documents and settings\All Users\Application Data\6f621ba

2009-09-08 19:13 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll

2009-09-05 22:09 . 2009-09-12 21:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\HpUpdate

2009-09-05 22:08 . 2009-09-05 22:08 -------- d-----w- c:\windows\Hewlett-Packard

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-27 13:08 . 2008-10-14 21:37 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-09-27 13:08 . 2008-10-14 21:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-09-23 20:49 . 2008-11-03 19:56 -------- d-----w- c:\program files\Google

2009-09-23 20:48 . 2008-04-08 23:32 -------- d-----w- c:\program files\Yahoo!

2009-09-23 20:46 . 2009-03-25 11:45 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-09-10 20:26 . 2009-02-09 18:34 -------- d-----w- c:\program files\Coupons

2009-09-09 17:22 . 2009-08-09 23:20 -------- d-----w- c:\program files\Microsoft Silverlight

2009-08-05 09:01 . 2006-02-28 02:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll

2009-07-17 19:01 . 2006-02-28 02:00 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-14 03:43 . 2006-02-28 02:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll

2009-07-07 21:53 . 2008-11-27 15:50 256 ----a-w- c:\windows\system32\pool.bin

.

((((((((((((((((((((((((((((( SnapShot@2009-10-01_22.44.34 )))))))))))))))))))))))))))))))))))))))))

.

- 2006-04-25 17:43 . 2009-10-01 22:38 72108 c:\windows\system32\perfc009.dat

+ 2006-04-25 17:43 . 2009-10-01 23:09 72108 c:\windows\system32\perfc009.dat

+ 2006-04-25 17:43 . 2009-10-01 23:09 444358 c:\windows\system32\perfh009.dat

- 2006-04-25 17:43 . 2009-10-01 22:38 444358 c:\windows\system32\perfh009.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 142104]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-13 138008]

"atchk"="c:\program files\Intel\AMT\atchk.exe" [2007-06-07 408344]

"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]

"Recguard"="c:\windows\Sminst\Recguard.exe" [2006-05-12 1138688]

"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-31 761856]

"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-07-10 872448]

"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-04-26 1015808]

"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2008-09-19 615696]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

NETGEAR WPN311 Smart Wizard.lnk - c:\program files\NETGEAR\WPN311\wlancfg5.exe [2006-12-4 1503232]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\SMINST\\Scheduler.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqnrs08.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 UNS;Intel

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.