
Infected with Google Redirect Virus


  • This topic is locked
2 replies to this topic

#1 snakerbot


Posted 20 July 2009 - 07:27 PM

My computer recently got infected with the Google redirect virus. I've got the usual symptoms: my search results send me to other pages instead of the ones they're supposed to. Usually I get other search sites, but once it sent me to a YouTube video. It doesn't redirect every time, maybe 1 in every 3 times. What's more, I can't run Malwarebytes at all. I tried uninstalling and installing the newest version but it still won't work. When I try to run it, nothing happens. I have heard that SUPERAntiSpyware can also get rid of the virus, but every time I try to run the installer, it says "SUPERAntiSpyware Free Edition has encountered a problem and needs to close. We are sorry for the inconvenience." Thanks in advance for any help. My DDS log is below:



DDS (Ver_09-06-26.01) - NTFSx86
Run by David at 19:18:17.59 on Mon 07/20/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2047.1391 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sizer\sizer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\MAX\nimxs.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\StkASv2K.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\David\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [braviax] c:\windows\system32\braviax.exe
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\sizer.lnk - c:\program files\sizer\sizer.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-system: RunStartupScriptSync = 1 (0x1)
mPolicies-system: RunStartupScriptSync = 1 (0x1)
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 85.255.112.133,85.255.112.177
TCP: {67C15253-1748-471B-B41E-52C7892132AB} = 85.255.112.133,85.255.112.177
TCP: {9A422955-BB83-4F95-A683-864DA7AA3BF8} = 85.255.112.133,85.255.112.177
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\david\applic~1\mozilla\firefox\profiles\l7ibtwas.default\
FF - prefs.js: browser.search.selectedEngine - UserLogos
FF - prefs.js: browser.startup.homepage - chrome://newtabking/content/ntk_out.htm
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
FF - component: c:\documents and settings\david\application data\mozilla\firefox\profiles\l7ibtwas.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - plugin: c:\documents and settings\david\local settings\application data\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPCIG.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nplv85win32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npSwirl3.dll
FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\program files\pinecoast\npSwirl3.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\windows\microsoft.net\framework\v4.0.20506\wpf\NPWPF.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v4.0.20506\wpf\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
user_pref('capability.policy.policynames', 'localfilelinks');user_pref('capability.policy.localfilelinks.sites', 'hxxp://www.webmynd.com http://www.google.com');user_pref('...ri.enabled', 'allAccess');c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-7-31 20616]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-7-7 611664]
S2 gupdate1c993941bf5e534;Google Update Service (gupdate1c993941bf5e534);c:\program files\google\update\GoogleUpdate.exe [2009-2-20 133104]
S3 clr_optimization_v4.0.20506_32;.NET Runtime Optimization Service v4.0.20506_X86;c:\windows\microsoft.net\framework\v4.0.20506\mscorsvw.exe [2009-5-6 104272]
S3 CrystalSysInfo;CrystalSysInfo;\??\c:\program files\mediacoder\sysinfo.sys --> c:\program files\mediacoder\SysInfo.sys [?]
S3 ewdmaudn;ewdmaudn;\??\c:\docume~1\david\locals~1\temp\ewdmaudn.sys --> c:\docume~1\david\locals~1\temp\ewdmaudn.sys [?]
S3 FANTOM;LEGO MINDSTORMS NXT Driver;c:\windows\system32\drivers\fantom.sys [2007-11-9 39424]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-7-2 26248]
S3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [2006-10-1 26624]
S3 wsvad_driver;WS Audio Device;c:\windows\system32\drivers\VirtualAudio.sys [2009-4-6 16896]

============== File Associations ===============

regfile=regedit.exe "%1" %*
scrfile="%1" %*

=============== Created Last 30 ================

2009-07-20 17:40 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-20 17:40 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-20 17:40 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-07-20 17:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-07-20 04:00 194,362 a------- c:\windows\system32\drivers\windrvr6.sys
2009-07-20 03:59 <DIR> --d----- c:\documents and settings\david\Medtronic
2009-07-19 00:58 8,704 a------- c:\windows\system32\braviax.exe
2009-07-19 00:58 84 a------- c:\windows\system32\delself.bat
2009-07-16 01:16 54,156 a---h--- c:\windows\QTFont.qfn
2009-07-16 01:16 1,409 a------- c:\windows\QTFont.for
2009-07-08 19:49 <DIR> --d----- c:\program files\common files\DivX Shared
2009-07-04 20:33 <DIR> --d----- c:\docume~1\david\applic~1\fretsonfire
2009-07-01 02:08 19,584 ac------ c:\windows\system32\dllcache\rasirda.sys
2009-07-01 02:08 19,584 a------- c:\windows\system32\drivers\rasirda.sys
2009-07-01 02:08 87,424 ac------ c:\windows\system32\dllcache\irda.sys
2009-07-01 02:08 87,424 a------- c:\windows\system32\drivers\irda.sys
2009-07-01 02:06 31,048 ac------ c:\windows\system32\dllcache\irstusb.sys
2009-07-01 02:06 31,048 a------- c:\windows\system32\drivers\irstusb.sys
2009-07-01 02:06 <DIR> --d----- c:\program files\iFoundry Systems
2009-07-01 02:04 <DIR> --d----- c:\program files\common files\Crystal Decisions
2009-07-01 02:04 <DIR> --d----- c:\program files\Deltec
2009-06-25 23:43 28,672 a------- c:\windows\system32\regclass.dll
2009-06-24 15:46 <DIR> --d----- c:\docume~1\david\applic~1\Broad Intelligence
2009-06-24 15:35 <DIR> --d----- c:\docume~1\david\applic~1\HandBrake
2009-06-24 15:32 <DIR> --d----- c:\program files\HandBrake
2009-06-24 15:24 <DIR> --d----- c:\program files\Wondershare
2009-06-23 20:18 37,888 ---shr-- c:\windows\system32\RLMPCDec.ax
2009-06-23 20:18 161,792 ---shr-- c:\windows\system32\RealMediaDX.ax
2009-06-23 20:18 54,784 ---shr-- c:\windows\system32\RLAPEDec.ax
2009-06-23 20:18 216,064 ---shr-- c:\windows\system32\nbDX.dll
2009-06-23 20:18 169,472 ---shr-- c:\windows\system32\MatroskaDX.ax
2009-06-23 20:18 163,328 ---shr-- c:\windows\system32\flvDX.dll
2009-06-23 20:18 31,232 ---shr-- c:\windows\system32\msfDX.dll
2009-06-23 20:18 227,328 ---shr-- c:\windows\system32\ac3DX.ax
2009-06-23 20:18 123,904 ---shr-- c:\windows\system32\AVCDX.ax
2009-06-23 20:18 <DIR> --d----- c:\program files\eRightSoft
2009-06-23 17:38 111 a------- c:\windows\Sansa Media Converter.INI
2009-06-23 17:36 14,608 a------- c:\windows\system32\iviaspi.sys
2009-06-23 17:36 <DIR> --d----- c:\program files\SanDisk
2009-06-22 18:49 <DIR> --d----- c:\windows\B56957059A0B4FBA84AD5F44F3596082.TMP

==================== Find3M ====================

2009-06-14 14:36 359,040 a------- c:\windows\system32\drivers\tcpip.sys
2009-06-08 16:30 629,760 a------- c:\windows\ElectricSheep_2_7b17.scr
2009-06-05 02:01 9,214,464 a------- c:\windows\avcodec-52.dll
2009-06-05 02:01 745,984 a------- c:\windows\avformat-52.dll
2009-06-05 02:01 218,624 a------- c:\windows\swscale-0.dll
2009-06-05 02:01 70,144 a------- c:\windows\avutil-50.dll
2009-06-02 11:11 85,504 a------- c:\windows\system32\ff_vfw.dll
2009-05-31 00:29 413,696 a------- c:\windows\system32\wrap_oal.dll
2009-05-31 00:29 110,592 a------- c:\windows\system32\OpenAL32.dll
2009-05-29 16:37 205,824 a------- c:\windows\system32\xvidvfw.dll
2009-05-29 16:31 881,664 a------- c:\windows\system32\xvidcore.dll
2009-05-21 11:33 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-10 11:18 60,416 a------- c:\windows\zlib1.dll
2009-05-10 11:17 162,304 a------- c:\windows\libpng13.dll
2009-05-09 14:57 122,368 a------- c:\windows\lua5.1.dll
2009-05-06 11:29 17,744 a------- c:\windows\system32\aspnet_counters.dll
2009-05-06 09:08 489,800 a------- c:\windows\system32\evr.dll
2009-05-06 09:08 103,304 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0400.dll
2009-05-06 09:08 70,456 a------- c:\windows\system32\dxva2.dll
2009-05-06 09:08 13,120 a------- c:\windows\system32\mscorier.dll
2009-05-06 08:13 1,083,720 a------- c:\windows\system32\dfshim.dll
2009-05-06 08:13 404,320 a------- c:\windows\system32\PresentationHost.exe
2009-05-06 08:13 291,152 a------- c:\windows\system32\mscoree.dll
2009-05-06 08:13 158,048 a------- c:\windows\system32\UIAutomationCore.dll
2009-05-06 08:13 76,648 a------- c:\windows\system32\PresentationHostProxy.dll
2009-05-06 08:13 14,160 a------- c:\windows\system32\netfxperf.dll
2009-05-05 17:31 2,402,304 a------- c:\windows\system32\x264vfw.dll
2009-05-01 16:02 90,112 a------- c:\windows\system32\dpl100.dll
2009-05-01 16:02 685,056 a------- c:\windows\system32\divx.dll
2009-04-26 09:28 892,928 a------- c:\windows\iconv.dll
2009-04-26 09:28 127,488 a------- c:\windows\jpeg62.dll
2009-04-26 09:28 70,553 a------- c:\windows\pthreadGC2.dll
2009-01-17 17:22 294,653,207 a------- c:\program files\LEGO Software.rar
2008-12-25 16:08 22,328 a------- c:\docume~1\david\applic~1\PnkBstrK.sys
2008-03-18 18:49 13,195 a------- c:\documents and settings\david\zguicfgw.dat
2006-06-15 19:09 88 a----r-- c:\program files\RTB - Easy Dedicated.bat
2006-06-15 19:07 134,190 a------- c:\program files\rtbprelauncher.jar
2006-06-12 22:44 133 a----r-- c:\program files\RTB - dedicated.bat
2006-04-22 17:11 81 a----r-- c:\program files\Play RTB.bat
2005-12-04 00:52 411 a------- c:\program files\CleanUp.bat
2004-12-22 21:49 3,002,368 a------- c:\program files\blockLand.exe
2004-12-21 01:09 74 a------- c:\program files\dedicated.bat
2004-12-20 17:22 94,208 a------- c:\program files\glu2d3d.dll
2004-12-20 17:22 229,376 a------- c:\program files\opengl2d3d.dll
2003-09-24 10:49 60,416 a----r-- c:\program files\OpenAL32.dll
2003-06-07 17:09 7,113 a------- c:\program files\main.cs
2006-05-03 05:06 163,328 ---shr-- c:\windows\system32\flvDX.dll
2007-02-21 06:47 31,232 ---shr-- c:\windows\system32\msfDX.dll
2008-03-16 08:30 216,064 ---shr-- c:\windows\system32\nbDX.dll

============= FINISH: 19:18:38.95 ===============


Edited by snakerbot, 20 July 2009 - 07:29 PM.



#2 snakerbot


Posted 25 July 2009 - 07:30 PM

My problem seems to be resolved; I've been through four pages of Google results and haven't been redirected once. Malwarebytes also works again, so this topic can be closed.

#3 Guest_The weatherman_*


Posted 29 July 2009 - 05:50 PM

Thanks for letting us know, snakerbot.



