| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 86047 | 2008-01-01 18:28:00 | Offline pop-ups and sound bites | tamiw2007 (13239) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 626564 | 2008-01-01 20:10:00 | I uninstalled the Norton AV. I still have Yahoo. MSN Messenger shows that it's disabled, although I saw it in the log also. Windows Messenger wasn't even on the list. |
tamiw2007 (13239) | ||
| 626565 | 2008-01-01 20:10:00 | Any 'browser companion', right down to good-natured software like the Google or Yahoo toolbar, is not required on your system and could be the cause of any unwanted advertising. The formula I use is to always take heed of the word 'helper' or 'companion' and imagine the mind of the person who wrote the software... "It will HELP us get our advertising out there" or "Our advertising is a good COMPANION for this desktop"... |
KerryDP (13174) | ||
| 626566 | 2008-01-01 20:22:00 | Windows Messenger wasn't even on the list.Windows Messenger is listed under Messenger in your Services. | Greg (193) | ||
| 626567 | 2008-01-01 20:35:00 | Put hijackthis in its own folder tick these entries. Then tick fix checked Close browser/s. O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrt.dll" DllStart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - a532.g.akamai.net You dont need 2 AV programs uninstall one I would get something better than Yahoo and CA. Get something like Avast Home if you want something free. Or NOD32 if you want to pay for it. Get trojan remover and rogueremover in my sig. See if they pick anything else up. |
Speedy Gonzales (78) | ||
| 626568 | 2008-01-01 22:57:00 | You have a Vundo infection.There are many files that need to be removed. This will help to identify malware on your system. Please download Combofix from any of these locations: Here (download.bleepingcomputer.com) or Here (www.forospyware.com) Save ComboFix to the desktop and please ensure that you disable realtime security/virus programs that monitors your PC while CF is running. 1. Double click on combo.exe & follow the prompts. 2. When finished, it will produce a logfile located at C:\ComboFix.txt. 3. Copy and Paste the contents of that log in your next reply with a new hijackthis log. Do not use Code or html unless asked for. Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang. Caution...Never run and remove files using ComboFix without being supervised by a security analyst. |
Pancake (6359) | ||
| 626569 | 2008-01-01 23:13:00 | when you have followed the above suggestions repost your new hijack this log also regarding Nortons, sometimes it leaves behind stray bits and bobs (or at least it used to), so the new hijack this log should let us know if there are any of that left |
Morgenmuffel (187) | ||
| 626570 | 2008-01-01 23:34:00 | Nigel... When ComboFix runs it automaticlly produces a HJ log... |
Pancake (6359) | ||
| 626571 | 2008-01-01 23:49:00 | Nigel... When ComboFix runs it automaticlly produces a HJ log... I didn't realise that, should have read a bit more carefully |
Morgenmuffel (187) | ||
| 626572 | 2008-01-02 23:36:00 | ComboFix 08-01-03 . 3 - Tami 2008-01-02 17:26:44 . 1 - NTFSx86 Microsoft Windows XP Home Edition 5 . 1 . 2600 . 2 . 1252 . 1 . 1033 . 18 . 101 [GMT -6:00] Running from: C:\Documents and Settings\Tami\Local Settings\Temporary Internet Files\Content . IE5\F4NM1KCV\ComboFix[1] . exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67 C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\music\mainmenu music . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\areabomb . o gg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\beetlezap . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\bonusrow . o gg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\bonustimer . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\bucketfill ed . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\clearpyram id . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\cleartrian gle1a . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\cleartrian gle1b . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\cleartrian gle1c . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\cleartrian gle2a . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\cleartrian gle2b . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\cleartrian gle2c . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\colorchain . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\dialogbox . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\drumbeat . o gg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\fillrow . og g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\gateopen . o gg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\helptip . og g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\powerup . og g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\rotateboar dleft . ogg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\timerup . og g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\warning . og g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\audio\sfx\warning2 . o gg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\artifact s-bb . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\bar . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\chamber0 . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\chamber1 . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\circledo or . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\full_scr een_dialog . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\global-hs-bb_large . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\global-hs-bb_small . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\help-bb_large . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\help-bb_small . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\hexfield . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\hidden-artifact_icon . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\large_di alog . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\local-hs-bb . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\mainmenu . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\small_di alog . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\textfiel d . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\backgrounds\trifield . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetlehover1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetlehover2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetlehover3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetlehover4 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetleshock1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetleshock2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetleshock3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetleshock4 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\beetletatoo . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\dirt . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\scarabpost . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\scarabpostov r . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\beetles\tritop . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowdown_do wn . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowdown_ov er . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowdown_up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowleft_do wn . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowleft_ov er . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowleft_up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowright_d own . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowright_o ver . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowright_u p . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowup_down . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowup_over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\arrowup_up . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\bluearrowlef t_down . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\bluearrowlef t_over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\bluearrowlef t_up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\bluearrowrig ht_down . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\bluearrowrig ht_over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\bluearrowrig ht_up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\checkdown . pn g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\checkup . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\long_button_ down . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\long_button_ over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\long_button_ up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\orange-button_down . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\orange-button_over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\orange-button_up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\rotleft_down . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\rotleft_over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\rotleft_up . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\rotright_dow n . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\rotright_ove r . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\rotright_up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\simplebutton _down . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\simplebutton _over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\simplebutton _up . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\sliderknob . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\sliderknobov er . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\buttons\sliderrail . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\characters\anwar\loo k\pl0001 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\characters\bast\look \bl0001 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\characters\kristine\ look\kl0001 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\crackedstopper . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\cursor . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\doorlights . txt C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\fonts\jackarmstrong . mvec C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\fonts\lithos . mvec C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\greybomb . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\helptips\arrowkeys . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\helptips\helptip . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\levels\levels . dat C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\models\disk . mesh C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\models\equilateraltr iangle . mesh C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\models\flattri . mesh C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\models\pyramid . mesh C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\models\quad . mesh C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\models\rotatingpyram id . mesh C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\models\scarabpanel . m esh C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\p1icon . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\scenes\page1-0 . xml C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\scenes\page1-1 . xml C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\scenes\panel1-0-1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\scenes\panel1-1-1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\scorecloud . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\setup . xml C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\areashockwave . pn g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\bolt_1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\bolt_2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\bolt_3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\bolt_4 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\bolt_starter . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\bolt_tail . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\flash . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\rubble . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\smoke . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\smoke2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\sfx\smoke3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\splash\aol_logo . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\splash\playfirst_log o . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\statues\statue0\snak e_dirty . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\statues\statue1\arm0 1_dirty . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\statues\statue1\mask 01_1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\statues\statue1\stat ue01_dirty . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\stopper . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\timer . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\timerglow . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\timericon . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\tm . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mouseblue1 . pn g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mouseblue2 . pn g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mouseblue3 . pn g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mousegreen1 . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mousegreen2 . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mousegreen3 . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mousered1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mousered2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mousered3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mouseyellow1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mouseyellow2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\trails\mouseyellow3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\areabomb . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\areabombro llover . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\blue . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\bluerollov er . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\boardfill . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\brick . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\brick1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\brick2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\brick3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\bricktip . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\clearanim\ cleared1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\clearanim\ cleared2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\clearanim\ cleared3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\clearanim\ cleared4 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\clearanim\ cleared5 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\clearanim\ cleared6 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\eye1 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\eye2 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\eye3 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\eye4 . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\green . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\greenrollo ver . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-blue . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-bluerollover . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-green . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-greenrollover . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-red . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-redrollover . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-yellow . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\plain_tri-yellowrollover . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\red . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\redrollove r . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\wild . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\wildrollov er . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\yellow . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\triangles\yellowroll over . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\upsell\image0 . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\upsell\image1 . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\upsell\image2 . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\upsell\image3 . jpg C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\bluebucket . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\buckettriangle . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\chainlink . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\chaintip . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\genericbucket . p ng C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\greenbucket . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\redbucket . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\smallblue . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\smallgreen . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\smallred . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\smallyellow . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\urnglow . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\urnplatform . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\urns\yellowbucket . pn g C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\assets\warning . png C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\error . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\game . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\gameover . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\hiscore . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\hiscoreinfo . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\hiscoresubmit . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\instructions . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\leveldesign . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\levelover . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\mainarcade . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\mainconfirm . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\maincontinue . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\maingames . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\mainpuzzle . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\maphelptip . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\options . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\pause . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\quitconfirm . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\start . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\storyplayer . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\style . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\screens\upsell . lua C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\strings . xml C:\WINDOWS\Downloaded Program Files\TriJinx . 1 . 0 . 0 . 67\TriJinx . exe C:\WINDOWS\system32\_000110_ . tmp . dll C:\WINDOWS\system32\gzmrt . dll D:\Autorun . inf . ((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 ))))))))))))))))))))))))))))))) . 2008-01-02 17:25 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd . exe 2008-01-02 17:24 . 2008-01-02 17:24 <DIR> d-------- C:\Program Files\RogueRemover FREE 2008-01-02 17:09 . 2008-01-02 17:18 <DIR> d-------- C:\Program Files\Trojan Remover 2008-01-02 17:09 . 2008-01-02 17:09 <DIR> d-------- C:\Documents and Settings\Tami\Application Data\Simply Super Software 2008-01-02 17:09 . 2008-01-02 17:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2008-01-02 17:09 . 2006-05-25 14:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36 . dll 2008-01-02 17:09 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3 . dll 2008-01-02 17:09 . 2005-08-26 00:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26 . dll 2008-01-02 17:09 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2 . dll 2008-01-02 17:09 . 2006-06-19 12:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet . dll 2007-12-31 16:45 . 1999-05-26 09:46 212,480 --a------ C:\WINDOWS\pcdlib32 . dll 2007-12-31 15:34 . 2007-12-31 15:34 <DIR> d-------- C:\Documents and Settings\Tami\Application Data\Symantec 2007-12-29 20:05 . 2007-12-29 20:05 77,353 --a------ C:\WINDOWS\system32\adssite_sidebar_uninstall . exe 2007-12-29 20:04 . 2007-12-29 20:04 79,875 --a------ C:\WINDOWS\system32\adssite-remove . exe 2007-12-29 20:04 . 2007-12-29 20:26 40,737 --a------ C:\WINDOWS\system32\rightonadz-uninst . exe 2007-12-25 09:55 . 2008-01-01 21:34 <DIR> d-------- C:\Program Files\IntelligentAdvisor 2007-12-25 08:58 . 2007-12-25 08:58 <DIR> d-------- C:\Program Files\iPod 2007-12-25 08:57 . 2007-12-25 08:58 <DIR> d-------- C:\Program Files\iTunes 2007-12-25 08:32 . 2007-10-31 14:09 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl . sys 2007-12-25 08:31 . 2007-12-25 08:31 <DIR> d-------- C:\Program Files\Common Files\Apple 2007-12-24 18:17 . 2007-12-24 22:39 <DIR> d-------- C:\Program Files\Alltel Jump Music 2007-12-24 07:02 . 2007-12-24 07:02 319,488 --a------ C:\WINDOWS\system32\adssite_sidebar . dll 2007-12-22 09:01 . 2007-12-22 09:01 <DIR> d-------- C:\Documents and Settings\Tanner\Application Data\HP 2007-12-22 09:01 . 2007-12-22 09:01 <DIR> d-------- C:\Documents and Settings\Tanner\Application Data\CyberLink 2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR . qtx 2007-12-11 10:57 . 2007-12-11 10:57 49,152 --a------ C:\WINDOWS\system32\QuickTime . qts 2007-12-09 10:19 . 2007-12-09 10:19 <DIR> d-------- C:\WINDOWS\system32\Adobe 2007-12-07 21:03 . 2007-12-10 21:46 <DIR> d-------- C:\Documents and Settings\Tanner\Shared 2007-12-07 21:03 . 2007-12-10 21:46 <DIR> d-------- C:\Documents and Settings\Tanner\Incomplete 2007-12-07 21:03 . 2008-01-02 14:15 <DIR> d-------- C:\Documents and Settings\Tanner\Application Data\LimeWire . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )) . 2008-01-02 23:18 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-01-01 21:17 --------- d-----w C:\Documents and Settings\Tami\Application Data\LimeWire 2008-01-01 20:26 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-01-01 20:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2007-12-31 22:53 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-25 14:49 --------- d-----w C:\Program Files\QuickTime 2007-12-25 14:34 --------- d-----w C:\Program Files\Apple Software Update 2007-12-25 01:12 --------- d-----w C:\Documents and Settings\Tami\Application Data\Apple Computer 2007-12-24 04:13 6,768 ----a-w C:\Documents and Settings\All Users\Application Data\ypinfo . bin 2007-12-14 17:39 --------- d-----w C:\Program Files\Spade Buddy Yahoo 2007-12-11 03:43 --------- d-----w C:\Program Files\LimeWire 2007-12-09 16:19 --------- d-----w C:\Program Files\Common Files\Adobe 2007-12-01 19:43 --------- d-----w C:\Program Files\Quicken 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv . sys 2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml . dll 2007-10-30 18:15 139,264 ----a-w C:\WINDOWS\system32\nse52 . dll . vir 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz . dll 2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz . dll 2007-10-27 23:40 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf . dll 2007-10-27 23:40 222,720 ------w C:\WINDOWS\system32\wmasf . dll 2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32 . dll 2007-10-10 23:56 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet . dll 2007-10-10 23:56 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck . dll 2007-10-10 23:56 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon . dll 2007-10-10 23:55 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime . dll 2007-10-10 23:55 63,488 ------w C:\WINDOWS\system32\dllcache\icardie . dll 2007-10-10 23:55 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe . dll 2007-10-10 23:55 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs . dll 2007-10-10 23:55 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled . dll 2007-10-10 23:55 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds . dll 2007-10-10 23:55 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce . dll 2007-10-10 23:55 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32 . dll 2007-10-10 23:55 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr . dll 2007-10-10 23:55 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy . dll 2007-10-10 23:55 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil . dll 2007-10-10 23:55 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie . dll 2007-10-10 23:55 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans . dll 2007-10-10 23:55 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating . dll 2007-10-10 23:55 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng . dll 2007-10-10 23:55 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr . dll 2007-10-10 23:55 124,928 ------w C:\WINDOWS\system32\dllcache\advpack . dll 2007-10-10 23:55 105,984 ------w C:\WINDOWS\system32\dllcache\url . dll 2007-10-10 23:55 102,400 ------w C:\WINDOWS\system32\dllcache\occache . dll 2007-10-10 10:59 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit . exe 2007-10-10 10:59 625,152 ------w C:\WINDOWS\system32\dllcache\iexplore . exe 2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit . exe 2007-10-10 05:46 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui . dll 2007-06-16 00:19 95,136 ----a-w C:\Documents and Settings\Tami\Application Data\GDIPFONTCACHEV1 . DAT 2007-03-21 15:06 300,680 ------w C:\Documents and Settings\All Users\Application Data\arclib . dll 2005-09-24 07:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont . dll 2006-08-20 02:30 22 --sha-w C:\WINDOWS\SMINST\HPCD . sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs . exe" [2004-10-13 10:24 1694208] "ctfmon . exe"="C:\WINDOWS\system32\ctfmon . exe" [2004-08-04 02:00 15360] "SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer . exe" [2006-12-20 12:38 557056] "mSpotAlltelRemix"="C:\Program Files\Alltel Jump Music\Remix\msptcmd . exe" [2007-12-13 20:17 1503232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx . exe" [2005-07-13 22:05 344064] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr . exe" [2005-02-02 06:12 102492] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh . exe" [2005-02-02 06:11 692316] "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant . exe" [2005-11-16 09:30 503808] "eabconfg . cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr . exe" [2005-12-22 09:57 405504] "RecGuard"="C:\Windows\SMINST\RecGuard . exe" [2005-10-11 11:23 1187840] "CaAvTray"="C:\Program Files\Yahoo!\Antivirus\CAVTray . exe" [2006-08-19 21:19 230512] "CAVRID"="C:\Program Files\Yahoo!\Antivirus\CAVRID . exe" [2006-08-19 21:19 185456] "YOP"="C:\PROGRA~1\Yahoo!\YOP\yop . exe" [2005-04-22 18:49 397312] "Password Pal"="C:\Program Files\Dotted Decimal\Password Pal\PassPal . exe" [1997-08-11 01:12 69632] "YPC"="C:\PROGRA~1\Yahoo!\PARENT~1\ypc . exe" [2005-02-11 17:14 352256] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper . exe" [2007-12-11 12:10 267048] "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan . exe" [2007-12-31 18:46 737872] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ HP Photosmart Premier Fast Start . lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08 . exe [2005-09-24 02:39:30] R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFH WATI . sys [2004-12-15 09:18] *Newly Created Service* - PROCEXP90 . Contents of the 'Scheduled Tasks' folder "2007-12-25 14:34:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate . job" - C:\Program Files\Apple Software Update\SoftwareUpdate . exe . ************************************************** ************************ catchme 0 . 3 . 1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www . gmer . net Rootkit scan 2008-01-03 17:31:57 Windows 5 . 1 . 2600 Service Pack 2 NTFS scanning hidden processes . . . scanning hidden autostart entries . . . scanning hidden files . . . scan completed successfully hidden files: 0 ************************************************** ************************ . Completion time: 2008-01-03 17:32:39 ComboFix-quarantined-files . txt 2008-01-03 23:32:22 . 2008-01-02 13:11:24 --- E O F --- |
tamiw2007 (13239) | ||
| 1 2 | |||||