Search engine redirects to spam sites

Hello everyone,

As of yesterday, I've been having a problem with search queries in Google, Yahoo, Bing, etc. Anytime I try to search, it redirects to some random malware/spam website. I'm not sure how to get rid of it; this is the first time I've been bugged by this. I thought it was perhaps a browser issue (using Chrome), so I used Google on Firefox and IE, and all of them yielded the same results. I did a whole system restore and it came back. I used various programs such as HijackThis and still have no solution. I'm wondering if any of you are having the same problem and what you are doing to alleviate, or rather eliminate, the situation.


Here's what I'm running:
Windows 7 Home Premium 64-bit
  1. Some malware or such can do just that.

    Run #1 and #2 @ http://www.tomshardware.com/forum/8263-63-simple-free-guide-removing-malware and chase the pest away.
  2. Hi nikorr,

    I've just completed the steps you suggested to me. However, the problem still exists! It doesn't take as long to load content and such, but using Google or any other search engine still redirects me. It's getting really frustrating. Is anyone else having a similar issue?
  3. Delete the temp files. So what was the result of the scan?
  4. Deleting the temp files hasn't had any effect on the redirects. I'm looking over the txt file from the ComboFix scan and I'm not entirely sure what I'm looking for within it. In the meantime, I'm updating everything from Windows updates to other malware programs.
  5. * Superantispyware Free Edition
    http://www.superantispyware.com/index.html

    Try this ^
  6. Can you post that log file?
  7. Hey nikorr,

    ComboFix 11-10-18.01 - The Camamas 10/18/2011 2:46.2.1 - x64 NETWORK
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3002.2459 [GMT -7:00]
    Running from: c:\users\The Camamas\Downloads\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-09-18 to 2011-10-18 )))))))))))))))))))))))))))))))
    .
    .
    2011-10-18 09:50 . 2011-10-18 09:50 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-10-18 09:28 . 2011-10-18 09:28 -------- d--h--w- c:\programdata\CanonBJ
    2011-10-18 09:28 . 2008-02-26 12:00 82944 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP9I.DLL
    2011-10-18 09:28 . 2008-02-26 12:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD9I.DLL
    2011-10-18 09:28 . 2011-10-18 09:28 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
    2011-10-18 09:28 . 2008-02-26 12:00 279040 ----a-w- c:\windows\system32\CNMLM9I.DLL
    2011-10-18 09:28 . 2008-02-08 22:38 236032 ----a-w- c:\windows\system32\CNC190L.DLL
    2011-10-18 09:28 . 2007-11-09 18:59 1335296 ----a-w- c:\windows\system32\CNC190C.DLL
    2011-10-18 09:28 . 2007-11-09 18:59 92672 ----a-w- c:\windows\system32\CNC190I.DLL
    2011-10-18 09:28 . 2007-03-15 21:13 229888 ----a-w- c:\windows\system32\CNC190O.DLL
    2011-10-18 09:28 . 2011-10-18 09:28 -------- d--h--w- c:\program files\CanonBJ
    2011-10-17 21:42 . 2011-10-17 21:42 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-17 21:42 . 2011-10-17 21:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-10-17 21:42 . 2011-09-01 00:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-17 08:32 . 2011-10-17 08:32 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-10-17 08:14 . 2011-10-17 08:14 -------- d-----w- c:\programdata\Norton
    2011-10-17 05:48 . 2011-10-17 05:48 -------- d-----w- c:\windows\NAPP_Dism_Log
    2011-10-17 05:22 . 2011-09-21 16:00 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D254122D-9E2C-42DE-B6D6-DFA4C26814A2}\mpengine.dll
    2011-10-17 05:22 . 2011-05-25 02:14 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-10-17 05:21 . 2006-11-29 20:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
    2011-10-17 05:21 . 2006-11-29 20:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
    2011-10-17 05:21 . 2011-10-17 05:21 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2011-10-17 05:19 . 2011-10-17 05:19 -------- d-----w- c:\program files (x86)\Microsoft
    2011-10-17 05:19 . 2011-10-17 05:19 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
    2011-10-17 05:18 . 2011-10-17 05:23 -------- d-----w- c:\program files (x86)\Windows Live
    2011-10-17 05:14 . 2011-10-17 05:14 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
    2011-10-17 05:13 . 2011-10-17 05:13 -------- d-----w- c:\program files (x86)\Common Files\CyberLink
    2011-10-17 05:12 . 2011-10-17 05:13 -------- d-----w- c:\program files (x86)\CyberLink
    2011-10-17 05:11 . 2011-10-17 05:10 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
    2011-10-17 05:11 . 2011-10-17 05:10 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
    2011-10-17 05:11 . 2011-10-17 05:10 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
    2011-10-17 05:07 . 2011-10-17 05:07 -------- d-----w- c:\program files\Synaptics
    2011-10-17 05:06 . 2011-10-17 05:06 -------- d-----w- c:\program files (x86)\Acer Crystal Eye webcam
    2011-10-17 05:06 . 2011-10-17 05:06 -------- d-----w- C:\MyWinLockerData
    2011-10-17 05:04 . 2011-10-17 05:04 -------- d-----w- c:\program files (x86)\Launch Manager
    2011-10-17 05:03 . 2011-10-17 05:03 -------- d---a-w- C:\book
    2011-10-17 05:02 . 2011-10-17 05:02 -------- d-----w- c:\program files (x86)\OEM
    2011-10-17 05:02 . 2011-10-17 05:02 -------- d-----w- c:\programdata\OEM_E471269A730D
    2011-10-17 04:59 . 2011-10-17 05:03 -------- d-----w- c:\users\The Camamas
    2011-10-17 04:59 . 2011-10-17 04:59 -------- d-----w- C:\Recovery
    2011-10-17 04:55 . 2011-10-17 04:55 3 ----a-w- c:\windows\system32\PLD_Framework.cmd
    2011-10-17 04:53 . 2011-10-17 04:53 -------- d-----w- c:\windows\SysWow64\x64
    2011-10-17 04:53 . 2011-10-17 04:53 -------- d-----w- c:\windows\SysWow64\Lang
    2011-10-17 04:53 . 2010-03-15 02:17 1002008 ----a-w- c:\windows\SysWow64\igxpun.exe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-10-18_04.25.35 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-10-18 09:28 . 2006-11-06 23:13 98304 c:\windows\twain_32\MP190 series\softfare.dll
    + 2011-10-18 09:28 . 2006-01-12 21:22 73728 c:\windows\twain_32\MP190 series\RSTCOL.DLL
    + 2011-10-18 09:28 . 2007-11-07 19:02 38646 c:\windows\twain_32\MP190 series\IPM.DAT
    + 2011-10-18 09:28 . 2007-05-16 03:26 77824 c:\windows\twain_32\MP190 series\IJFSHLIB.DLL
    + 2011-10-18 09:28 . 2006-04-13 22:43 53248 c:\windows\twain_32\MP190 series\HSL.DLL
    + 2011-10-18 09:28 . 2008-02-13 21:07 49224 c:\windows\twain_32\MP190 series\CNC190P.DAT
    + 2011-10-18 09:28 . 2007-06-06 00:15 86016 c:\windows\twain_32\MP190 series\CAPS.DLL
    + 2011-10-18 09:28 . 2005-04-15 22:34 57344 c:\windows\twain_32\MP190 series\BaLCo.dll
    + 2011-10-18 09:28 . 2006-11-29 21:39 73728 c:\windows\twain_32\MP190 series\AG.DLL
    - 2011-10-17 05:08 . 2011-10-18 04:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2011-10-17 05:08 . 2011-10-18 04:53 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2011-10-17 07:06 . 2011-10-18 04:35 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011101720111018\index.dat
    - 2011-10-17 07:06 . 2011-10-17 22:19 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011101720111018\index.dat
    + 2011-10-17 05:09 . 2011-10-18 04:53 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
    - 2011-10-17 05:09 . 2011-10-18 04:13 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
    + 2009-07-14 05:10 . 2011-10-18 04:28 35806 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2011-10-18 09:28 . 2008-02-26 12:00 11776 c:\windows\system32\spool\drivers\x64\3\CNMW69I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 11264 c:\windows\system32\spool\drivers\x64\3\CNMW39I.DLL
    + 2011-10-18 09:28 . 2008-02-25 15:49 47440 c:\windows\system32\spool\drivers\x64\3\CNMVS9I.EXE
    + 2011-10-18 09:28 . 2008-02-26 12:00 15360 c:\windows\system32\spool\drivers\x64\3\CNMVS9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 77312 c:\windows\system32\spool\drivers\x64\3\CNMSR9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 44544 c:\windows\system32\spool\drivers\x64\3\CNMSQ9I.DLL
    + 2011-10-18 09:28 . 2008-02-25 15:48 18768 c:\windows\system32\spool\drivers\x64\3\CNMSE9I.EXE
    + 2011-10-18 09:28 . 2008-02-26 12:00 49152 c:\windows\system32\spool\drivers\x64\3\CNMSD9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 07:00 30320 c:\windows\system32\spool\drivers\x64\3\CNMP29I.DAT
    + 2011-10-18 09:28 . 2008-02-26 07:00 27140 c:\windows\system32\spool\drivers\x64\3\CNMP19I.DAT
    + 2011-10-18 09:28 . 2008-02-26 07:00 23280 c:\windows\system32\spool\drivers\x64\3\CNMP09I.DAT
    + 2011-10-18 09:28 . 2008-02-26 12:00 30208 c:\windows\system32\spool\drivers\x64\3\CNMOP9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 71168 c:\windows\system32\spool\drivers\x64\3\CNMLH9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 10240 c:\windows\system32\spool\drivers\x64\3\CNMFU9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 33792 c:\windows\system32\spool\drivers\x64\3\CNMEI9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 11264 c:\windows\system32\spool\drivers\x64\3\CNMBU9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 38912 c:\windows\system32\spool\drivers\x64\3\CNMBS9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 11264 c:\windows\system32\spool\drivers\x64\3\CNMBM9I.DLL
    + 2009-07-14 05:30 . 2011-10-18 09:35 86016 c:\windows\system32\DriverStore\infpub.dat
    - 2009-07-14 05:30 . 2011-10-17 05:09 86016 c:\windows\system32\DriverStore\infpub.dat
    + 2011-10-18 09:28 . 2006-11-06 23:13 98304 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\softfare.dll
    + 2011-10-18 09:28 . 2006-01-12 21:22 73728 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\RSTCOL.DLL
    + 2011-10-18 09:28 . 2007-05-16 03:26 77824 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\IJFSHLIB.DLL
    + 2011-10-18 09:28 . 2006-04-13 22:43 53248 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\HSL.DLL
    + 2011-10-18 09:28 . 2007-06-06 00:15 86016 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\CAPS.DLL
    + 2011-10-18 09:28 . 2005-04-15 22:34 57344 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\BaLCo.dll
    + 2011-10-18 09:28 . 2006-11-29 21:39 73728 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\AG.DLL
    + 2011-10-18 09:28 . 2007-11-09 18:59 92672 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\MP190\x64\CNC190I.DLL
    + 2011-10-18 09:28 . 2007-11-07 19:02 38646 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\MP190\IPM.DAT
    + 2011-10-18 09:28 . 2008-02-13 21:07 49224 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\MP190\CNC190P.DAT
    + 2011-10-18 09:28 . 2008-02-26 12:00 11776 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMW6.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 11264 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMW3.DLL
    + 2011-10-18 09:28 . 2008-02-25 15:49 47440 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMVS.EXE
    + 2011-10-18 09:28 . 2008-02-26 12:00 15360 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMVS.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 44032 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMSRJ.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 77312 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMSR.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 38912 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMSMSDK.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 49152 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMSMSD.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 33792 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMSMOPT.DLL
    + 2011-10-18 09:28 . 2008-02-25 15:48 18768 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMSE.EXE
    + 2011-10-18 09:28 . 2008-02-26 12:00 44544 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMQUEUE.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 82944 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMPP.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 11264 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMPMSDK.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 11264 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMPDSDK.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 27648 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMPD.DLL
    + 2011-10-18 09:28 . 2008-02-26 07:00 30320 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMP2.DAT
    + 2011-10-18 09:28 . 2008-02-26 07:00 27140 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMP1.DAT
    + 2011-10-18 09:28 . 2008-02-26 07:00 23280 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMP0.DAT
    + 2011-10-18 09:28 . 2008-02-26 12:00 30208 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMOP9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 91136 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMLRJ.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 71168 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMLH.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 10240 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMFUS.DLL
    + 2009-07-14 00:35 . 2009-07-14 00:35 41984 c:\windows\system32\drivers\usbscan.sys
    - 2011-10-17 04:56 . 2011-10-17 22:57 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2011-10-17 04:56 . 2011-10-18 09:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2011-10-17 04:56 . 2011-10-17 22:57 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2011-10-17 04:56 . 2011-10-18 09:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-10-18 09:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-07-14 04:54 . 2011-10-17 22:57 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-10-18 09:28 . 2008-02-14 18:56 49664 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\RES\DLL\IJInstUS.dll
    + 2011-10-18 09:28 . 2008-02-14 18:56 38912 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\RES\DLL\IJInstJP.dll
    - 2011-10-17 06:58 . 2011-10-18 04:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2011-10-17 06:58 . 2011-10-18 09:51 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2011-10-17 06:58 . 2011-10-18 04:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-10-17 06:58 . 2011-10-18 09:51 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-10-18 09:28 . 2007-01-26 22:44 4608 c:\windows\twain_32\MP190 series\USDRESUS.DLL
    + 2011-10-18 09:28 . 2007-01-26 22:44 4096 c:\windows\twain_32\MP190 series\USDRESJP.DLL
    + 2011-10-18 09:40 . 2011-10-18 09:40 1858 c:\windows\system32\wdi\ERCQueuedResolutions.dat
    + 2011-10-17 06:59 . 2011-10-18 04:29 3492 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-421085074-1657083802-1334669952-1001_UserData.bin
    + 2011-10-18 09:28 . 2008-02-26 12:00 9216 c:\windows\system32\spool\drivers\x64\3\CNML29I.DLL
    + 2011-10-18 09:23 . 2011-10-18 09:23 9560 c:\windows\system32\NetworkList\Icons\{9B9531B5-BB14-46E1-BFD6-85250DEC3F00}_48.bin
    + 2011-10-18 09:23 . 2011-10-18 09:23 4280 c:\windows\system32\NetworkList\Icons\{9B9531B5-BB14-46E1-BFD6-85250DEC3F00}_32.bin
    + 2011-10-18 09:23 . 2011-10-18 09:23 2456 c:\windows\system32\NetworkList\Icons\{9B9531B5-BB14-46E1-BFD6-85250DEC3F00}_24.bin
    + 2011-10-18 09:28 . 2007-01-26 22:44 4608 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\USDRESUS.DLL
    + 2011-10-18 09:28 . 2007-01-26 22:44 4096 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\USDRESJP.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 9216 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMLH2.DLL
    - 2011-10-18 04:12 . 2011-10-18 04:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-10-18 09:51 . 2011-10-18 09:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-10-18 09:51 . 2011-10-18 09:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-10-18 04:12 . 2011-10-18 04:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2011-10-18 09:28 . 2007-02-07 04:00 258048 c:\windows\twain_32\MP190 series\USIP.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:28 524288 c:\windows\twain_32\MP190 series\TPM.DLL
    + 2011-10-18 09:28 . 2005-02-03 01:34 118784 c:\windows\twain_32\MP190 series\SCRPRMV.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 147456 c:\windows\twain_32\MP190 series\SCANINTF.DLL
    + 2011-10-18 09:28 . 2006-12-13 18:28 122880 c:\windows\twain_32\MP190 series\MC2.DLL
    + 2011-10-18 09:28 . 2004-06-07 19:58 290816 c:\windows\twain_32\MP190 series\libBLC.dll
    + 2011-10-18 09:28 . 2004-08-27 00:07 114688 c:\windows\twain_32\MP190 series\ITLIB32.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 135168 c:\windows\twain_32\MP190 series\IPM.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 184320 c:\windows\twain_32\MP190 series\IOP.DLL
    + 2011-10-18 09:28 . 2007-03-19 21:06 143360 c:\windows\twain_32\MP190 series\CUBS.DLL
    + 2011-10-18 09:28 . 2005-08-24 22:51 126976 c:\windows\twain_32\MP190 series\CFine2.dll
    + 2011-10-17 10:39 . 2011-10-18 08:28 181688 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
    + 2011-10-18 09:28 . 2008-02-26 12:00 391168 c:\windows\system32\spool\drivers\x64\3\CNMUR9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 309760 c:\windows\system32\spool\drivers\x64\3\CNMUB9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 493056 c:\windows\system32\spool\drivers\x64\3\CNMSM9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 814592 c:\windows\system32\spool\drivers\x64\3\CNMSB9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 119296 c:\windows\system32\spool\drivers\x64\3\CNMPV9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 165888 c:\windows\system32\spool\drivers\x64\3\CNMLR9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 636928 c:\windows\system32\spool\drivers\x64\3\CNMDR9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 298496 c:\windows\system32\spool\drivers\x64\3\CNMD59I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 101888 c:\windows\system32\spool\drivers\x64\3\CNMCP9I.DLL
    + 2009-07-14 02:36 . 2011-10-18 09:45 615122 c:\windows\system32\perfh009.dat
    + 2009-07-14 02:36 . 2011-10-18 09:45 103496 c:\windows\system32\perfc009.dat
    + 2009-07-14 05:30 . 2011-10-18 09:35 143360 c:\windows\system32\DriverStore\infstrng.dat
    - 2009-07-14 05:30 . 2011-10-17 05:09 143360 c:\windows\system32\DriverStore\infstrng.dat
    - 2009-07-14 05:30 . 2011-10-17 05:09 143360 c:\windows\system32\DriverStore\infstor.dat
    + 2009-07-14 05:30 . 2011-10-18 09:28 143360 c:\windows\system32\DriverStore\infstor.dat
    + 2011-10-18 09:28 . 2007-02-07 04:00 258048 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\USIP.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:28 524288 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\TPM.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 147456 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\SCANINTF.DLL
    + 2011-10-18 09:28 . 2006-12-13 18:28 122880 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\MC2.DLL
    + 2011-10-18 09:28 . 2004-06-07 19:58 290816 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\libBLC.dll
    + 2011-10-18 09:28 . 2004-08-27 00:07 114688 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\ITLIB32.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 135168 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\IPM.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 184320 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\IOP.DLL
    + 2011-10-18 09:28 . 2007-03-19 21:06 143360 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\CUBS.DLL
    + 2011-10-18 09:28 . 2005-08-24 22:51 126976 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\CFine2.dll
    + 2011-10-18 09:28 . 2007-03-15 21:13 229888 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x64\cncisco.dll
    + 2011-10-18 09:28 . 2005-02-03 01:34 118784 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\MP190\x86\SCRPRMV.DLL
    + 2011-10-18 09:28 . 2008-02-08 22:38 236032 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\MP190\x64\CNC190L.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 282624 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMURJ.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 391168 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMUR.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 493056 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMSTMN.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 119296 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMPV.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 814592 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMP_342.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 165888 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMLR.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 279040 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMLMON2.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 298496 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMDUMP5.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 636928 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMDRV.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 309760 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMBR342.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 101888 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNM_0342.DLL
    + 2011-10-18 09:28 . 2009-05-26 17:21 936792 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\DelDrv.exe
    + 2011-10-18 08:45 . 2011-10-18 04:12 245760 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2011-10-18 09:28 . 2007-11-07 17:29 1175552 c:\windows\twain_32\MP190 series\SGUI.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 1040384 c:\windows\twain_32\MP190 series\SGRES_US.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 1011712 c:\windows\twain_32\MP190 series\SGRES_JP.DLL
    + 2011-10-18 09:28 . 2006-12-01 16:24 1159168 c:\windows\twain_32\MP190 series\SGCFLTR.DLL
    + 2011-10-18 09:28 . 2008-02-21 18:29 3724256 c:\windows\twain_32\MP190 series\CNC190.DAT
    + 2011-10-18 09:28 . 2008-02-26 12:00 2793984 c:\windows\system32\spool\drivers\x64\3\CNMUI9I.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 1599488 c:\windows\system32\spool\drivers\x64\3\CNMCB9I.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:29 1175552 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\SGUI.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 1040384 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\SGRES_US.DLL
    + 2011-10-18 09:28 . 2007-11-07 17:27 1011712 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\SGRES_JP.DLL
    + 2011-10-18 09:28 . 2006-12-01 16:24 1159168 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\SGCOMMON\x86\SGCFLTR.DLL
    + 2011-10-18 09:28 . 2007-11-09 18:59 1335296 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\MP190\x64\CNC190C.DLL
    + 2011-10-18 09:28 . 2008-02-21 18:29 3724256 c:\windows\system32\DriverStore\FileRepository\mp190sc.inf_amd64_neutral_7518ca73be2f8c69\SCN\MP190\CNC190.DAT
    + 2011-10-18 09:28 . 2008-02-26 12:00 2793984 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMUI.DLL
    + 2011-10-18 09:28 . 2008-02-26 12:00 1599488 c:\windows\system32\DriverStore\FileRepository\mp190pr.inf_amd64_neutral_9775439292063425\PRNXPX64\CNMPCOM2.DLL
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-08 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
    "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
    "BkupTray"="c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-07 34040]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
    "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
    "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
    "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 135664]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 135664]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]
    R4 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2010-04-08 332272]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
    S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-06 865824]
    S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
    S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
    S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
    S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
    S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
    S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 05:08]
    .
    2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 05:08]
    .
    2011-10-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421085074-1657083802-1334669952-1001Core.job
    - c:\users\The Camamas\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17 05:07]
    .
    2011-10-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421085074-1657083802-1334669952-1001UA.job
    - c:\users\The Camamas\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17 05:07]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
    2010-04-08 05:00 750064 ----a-w- c:\programdata\Partner\Partner64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-23 10134560]
    "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-15 165912]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-15 387608]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-15 365592]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-06 860192]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5334&r=27361011y415l0474z195t45i2m885
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5334&r=27361011y415l0474z195t45i2m885
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.2.1
    FF - ProfilePath - c:\users\The Camamas\AppData\Roaming\Mozilla\Firefox\Profiles\1qg95ftv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5334&r=27361011y415l0474z195t45i2m885
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Launch Manager\LMworker.exe
    c:\windows\SysWOW64\ping.exe
    .
    **************************************************************************
    .
    Completion time: 2011-10-18 02:56:48 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-10-18 09:56
    ComboFix2.txt 2011-10-18 04:31
    .
    Pre-Run: 206,691,573,760 bytes free
    Post-Run: 206,654,103,552 bytes free
    .
    - - End Of File - - D6EAF0398CBF975EAD088050DB4EFD84


    Here's the txt file from the ComboFix scan:

    Area51: I'll try that program out ASAP. Thanks for the suggestion, and I'll let you know the result. Appreciating all your help, guys :)
  8. It's getting really wearisome. In my view you should eliminate the temp files.


    ___________________________
    Search Engine