Malware redirects Google Search Results

**GreenWithEnvy** · 2012-04-18, 14:24

ComboFix 12-04-17.01 - Mike Hoover 04/18/2012 7:28.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.76 [GMT -4:00]
Running from: c:\temp\ComboFix.exe
Command switches used :: c:\documents and settings\Mike Hoover\Desktop\CFScript.txt
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\dllcache\qedit.dll.new
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 )))))))))))))))))))))))))))))))
.
.
2012-04-17 09:12 . 2012-04-17 09:12 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Seagate
2012-04-17 01:48 . 2012-04-17 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MemeoCommon
2012-04-17 01:47 . 2012-04-17 09:13 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Memeo
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Seagate
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\LocalService\Application Data\Seagate
2012-04-17 01:45 . 2012-04-17 01:45 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ServiceTest
2012-04-17 01:45 . 2012-04-17 01:47 -------- d-----w- c:\program files\Common Files\Memeo
2012-04-17 01:45 . 2012-04-17 01:46 -------- d-----w- c:\program files\Memeo
2012-04-17 01:45 . 2012-04-17 01:45 -------- d-----w- c:\documents and settings\Mike Hoover\Local Settings\Application Data\temp
2012-04-15 15:39 . 2012-04-15 15:39 -------- d-----w- c:\windows\system32\wbem\Repository
2012-04-15 12:15 . 2012-04-18 11:23 -------- d-----w- c:\windows\system32\CatRoot2
2012-04-15 12:08 . 2001-08-18 02:36 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2012-04-15 12:08 . 2001-08-18 02:36 12288 ----a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2012-04-15 12:08 . 2001-08-18 02:36 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll
2012-04-15 12:08 . 2001-08-18 02:36 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2012-04-15 12:08 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe
2012-04-15 12:07 . 2001-08-18 02:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2012-04-15 12:06 . 2001-08-18 02:36 65536 ----a-w- c:\windows\system32\dllcache\EXCH_mailmsg.dll
2012-04-15 12:04 . 2001-08-17 17:28 595647 ----a-w- c:\windows\system32\dllcache\es56cvmp.sys
2012-04-15 12:03 . 2001-08-18 02:36 32256 ----a-w- c:\windows\system32\dllcache\diapi2NT.dll
2012-04-15 12:02 . 2008-04-13 18:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
2012-04-15 12:02 . 2001-08-17 18:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
2012-04-15 12:02 . 2001-08-17 16:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2012-04-15 12:02 . 2001-08-17 18:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
2012-04-15 12:02 . 2001-08-17 17:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
2012-04-14 18:48 . 2012-04-15 12:38 -------- d-----w- C:\ERDNT
2012-04-14 17:34 . 2012-04-14 17:34 -------- d-----w- c:\program files\Broadcom
2012-04-14 17:26 . 2002-08-29 10:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2012-04-14 13:55 . 2012-04-14 13:55 -------- d-----w- c:\program files\CONEXANT
2012-04-14 13:55 . 2002-10-07 16:29 11027 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2012-04-14 13:55 . 2002-10-07 16:17 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2012-04-14 13:55 . 2002-10-09 17:50 170499 ----a-w- c:\windows\system32\drivers\HSFHWBS2.sys
2012-04-14 13:55 . 2002-10-09 17:50 1175536 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2012-04-14 13:55 . 2002-10-09 17:44 604240 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2012-04-14 13:46 . 2002-09-26 22:04 27786 ----a-w- c:\windows\system32\HSFCI004.dll
2012-04-14 13:45 . 2001-08-22 12:42 13632 ----a-w- c:\windows\system32\drivers\omci.sys
2012-04-13 22:34 . 2006-03-02 00:30 618880 ----a-w- c:\windows\system32\drivers\IntelC52.sys
2012-04-13 22:34 . 2005-05-06 18:42 1339776 ----a-w- c:\windows\system32\drivers\IntelC51.sys
2012-04-13 22:34 . 2005-05-06 18:40 47360 ----a-w- c:\windows\system32\drivers\IntelC53.sys
2012-04-13 22:34 . 2005-05-06 18:40 36880 ----a-w- c:\windows\system32\drivers\mohfilt.sys
2012-04-13 22:34 . 2005-05-06 18:39 172032 ----a-w- c:\windows\system32\intelmoh.dll
2012-04-13 22:34 . 2005-05-06 18:39 49152 ----a-w- c:\windows\system32\mhwt.dll
2012-04-11 12:00 . 2012-04-11 12:00 1409 ----a-w- c:\windows\QTFont.for
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\dllcache\afd.sys
2012-04-10 19:55 . 2007-04-26 14:21 302000 ----a-w- c:\windows\system32\drivers\fwdrv.sys
2012-04-08 23:44 . 2012-04-08 23:44 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-08 20:26 . 2012-04-08 20:26 -------- d-----w- c:\program files\ERUNT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-07 11:34 . 2008-03-18 23:50 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-07 11:34 . 2010-08-03 01:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 19:56 . 2010-05-01 12:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 01:25 . 2004-08-24 00:32 832512 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 01:25 . 2010-06-24 23:50 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-03-01 01:25 . 2002-08-29 10:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-01 01:25 . 2002-08-29 10:00 17408 ----a-w- c:\windows\system32\corpol.dll
2012-02-29 14:10 . 2002-08-29 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2002-08-29 10:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-25 13:11 . 2011-05-23 10:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:22 . 2002-08-29 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2001-02-27 00:16 . 2010-05-23 01:29 53295 ----a-w- c:\program files\opera\program\plugins\PlugDef.dll
.
.

Thread: Malware redirects Google Search Results

Thread Tools

Display

Threaded View

Posting Permissions