Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan_clicker.Win32.Delf.Cbe also known as Troj_Vundo.Anl

Started by Babeagle , May 07 2009 09:21 AM

  • Please log in to reply

#1
Babeagle
Posted 07 May 2009 - 09:21 AM

Babeagle

    New Member

  • Member
  • Pip
  • 1 posts
I saw some threads over this same virus. I did the first step you had listed for them.. I downloaded the ComboFix and ran it. this is the results.

ComboFix 09-05-06.08 - BLWD 05/07/2009 9:28.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.735.364 [GMT -5:00]
Running from: c:\documents and settings\BLWD\Desktop\ComboFix.exe
AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Updated)
FW: ZoneAlarm Security Suite Firewall *disabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\BLWD\LOCALS~1\Temp\iexplore.exe
c:\temp\isgTi19
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\music\mainmenumusic.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\areabomb.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\beetlezap.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bonusrow.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bonustimer.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bucketfilled.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\clearpyramid.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1a.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1b.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1c.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2a.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2b.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2c.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\colorchain.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\dialogbox.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\drumbeat.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\fillrow.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\gateopen.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\helptip.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\powerup.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\rotateboardleft.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\timerup.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\warning.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\warning2.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\artifacts-bb.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\bar.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\chamber0.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\chamber1.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\circledoor.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\full_screen_dialog.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\global-hs-bb_large.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\global-hs-bb_small.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\help-bb_large.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\help-bb_small.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\hexfield.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\hidden-artifact_icon.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\large_dialog.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\local-hs-bb.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\mainmenu.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\small_dialog.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\textfield.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\trifield.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover4.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock4.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetletatoo.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\dirt.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\scarabpost.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\scarabpostovr.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\tritop.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowdown_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowdown_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowdown_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowleft_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowleft_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowleft_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowright_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowright_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowright_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowup_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowup_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowup_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowleft_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowleft_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowleft_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowright_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowright_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowright_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\checkdown.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\checkup.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\long_button_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\long_button_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\long_button_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\orange-button_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\orange-button_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\orange-button_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotleft_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotleft_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotleft_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotright_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotright_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotright_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\simplebutton_down.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\simplebutton_over.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\simplebutton_up.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\sliderknob.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\sliderknobover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\sliderrail.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\characters\anwar\look\pl0001.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\characters\bast\look\bl0001.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\characters\kristine\look\kl0001.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\crackedstopper.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\cursor.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\doorlights.txt
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\fonts\jackarmstrong.mvec
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\fonts\lithos.mvec
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\greybomb.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\helptips\arrowkeys.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\helptips\helptip.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\levels\levels.dat
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\disk.mesh
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\equilateraltriangle.mesh
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\flattri.mesh
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\pyramid.mesh
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\quad.mesh
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\rotatingpyramid.mesh
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\scarabpanel.mesh
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\p1icon.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\page1-0.xml
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\page1-1.xml
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\panel1-0-1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\panel1-1-1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scorecloud.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\setup.xml
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\areashockwave.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_4.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_starter.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_tail.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\flash.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\rubble.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\smoke.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\smoke2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\smoke3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\splash\playfirst_logo.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue0\snake_dirty.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue1\arm01_dirty.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue1\mask01_1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue1\statue01_dirty.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\stopper.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\timer.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\timerglow.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\timericon.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\tm.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseblue1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseblue2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseblue3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousegreen1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousegreen2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousegreen3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousered1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousered2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousered3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseyellow1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseyellow2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseyellow3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\areabomb.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\areabombrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\blue.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\bluerollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\boardfill.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\bricktip.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared4.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared5.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared6.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye1.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye2.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye3.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye4.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\green.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\greenrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-blue.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-bluerollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-green.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-greenrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-red.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-redrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-yellow.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-yellowrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\red.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\redrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\wild.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\wildrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\yellow.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\yellowrollover.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image0.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image1.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image2.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image3.jpg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\bluebucket.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\buckettriangle.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\chainlink.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\chaintip.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\genericbucket.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\greenbucket.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\redbucket.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallblue.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallgreen.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallred.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallyellow.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\urnglow.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\urnplatform.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\yellowbucket.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\warning.png
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\logfile.txt
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\error.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\game.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\gameover.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\hiscore.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\hiscoreinfo.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\hiscoresubmit.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\instructions.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\leveldesign.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\levelover.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\mainarcade.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\mainconfirm.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\maincontinue.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\maingames.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\mainpuzzle.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\maphelptip.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\options.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\pause.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\quitconfirm.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\start.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\storyplayer.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\style.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\upsell.lua
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\strings.xml
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\TriJinx.exe
c:\windows\hosts
c:\windows\IE4 Error Log.txt
c:\windows\start.exe
c:\windows\system32\nGpxx01
c:\windows\system32\pac.txt
c:\windows\Tasks\At1.job
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\Web\default.htt
c:\windows\system32\dkparxon.dll . . . . failed to delete
c:\windows\system32\gyzmuzn.dll . . . . failed to delete

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TFAVMTTK
-------\Service_tfavmttk


((((((((((((((((((((((((( Files Created from 2009-04-07 to 2009-05-07 )))))))))))))))))))))))))))))))
.

2009-05-07 14:40 . 2009-05-07 14:40 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\TeamViewer
2009-05-07 13:32 . 2009-05-07 13:32 -------- d-----w c:\documents and settings\NetworkService\Application Data\eskmlvpv
2009-05-07 13:32 . 2009-05-07 13:32 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\eskmlvpv
2009-05-07 10:12 . 2009-05-07 10:12 -------- d-----w c:\documents and settings\BLWD\Application Data\eskmlvpv
2009-05-07 10:12 . 2009-05-07 10:12 -------- d-----w c:\documents and settings\BLWD\Application Data\eskmlvpv
2009-05-06 21:28 . 2009-05-06 21:28 -------- d-----w c:\documents and settings\QBDataServiceUser17\Application Data\TeamViewer
2009-05-06 14:28 . 2009-05-06 14:28 -------- d-----w c:\documents and settings\BLWD\.housecall6.6
2009-05-06 13:25 . 2004-08-04 03:58 5504 ----a-w c:\windows\system32\dllcache\mstee.sys
2009-05-06 13:25 . 2004-08-04 03:58 5504 ----a-w c:\windows\system32\drivers\MSTEE.sys
2009-05-06 13:25 . 2004-08-04 04:10 10880 ----a-w c:\windows\system32\dllcache\ndisip.sys
2009-05-06 13:25 . 2004-08-04 04:10 10880 ----a-w c:\windows\system32\drivers\NdisIP.sys
2009-05-06 13:25 . 2004-08-04 04:10 15360 ----a-w c:\windows\system32\dllcache\streamip.sys
2009-05-06 13:25 . 2004-08-04 04:10 15360 ----a-w c:\windows\system32\drivers\StreamIP.sys
2009-05-06 13:25 . 2004-08-04 04:10 11136 ----a-w c:\windows\system32\dllcache\slip.sys
2009-05-06 13:25 . 2004-08-04 04:10 11136 ----a-w c:\windows\system32\drivers\SLIP.sys
2009-05-06 13:25 . 2004-08-04 04:10 19328 ----a-w c:\windows\system32\dllcache\wstcodec.sys
2009-05-06 13:25 . 2004-08-04 04:10 19328 ----a-w c:\windows\system32\drivers\WSTCODEC.SYS
2009-05-06 13:25 . 2004-08-04 04:10 85376 ----a-w c:\windows\system32\dllcache\nabtsfec.sys
2009-05-06 13:25 . 2004-08-04 04:10 85376 ----a-w c:\windows\system32\drivers\NABTSFEC.sys
2009-05-06 13:24 . 2004-08-04 04:10 17024 ----a-w c:\windows\system32\dllcache\ccdecode.sys
2009-05-06 13:24 . 2004-08-04 04:10 17024 ----a-w c:\windows\system32\drivers\CCDECODE.sys
2009-05-06 13:24 . 2008-07-26 15:23 195096 ----a-r c:\windows\system32\lvci11801048.dll
2009-05-06 13:24 . 2008-07-26 15:26 41752 ----a-r c:\windows\system32\drivers\LVUSBSta.sys
2009-05-06 13:24 . 2008-07-26 15:26 465432 ----a-r c:\windows\system32\LVUI2RC.dll
2009-05-06 13:24 . 2008-07-26 15:26 490008 ----a-r c:\windows\system32\LVUI2.dll
2009-05-06 13:24 . 2008-07-26 15:23 416280 ----a-r c:\windows\system32\lvcodec2.dll
2009-05-06 13:24 . 2008-07-26 15:22 2570520 ----a-r c:\windows\system32\drivers\LV302V32.SYS
2009-05-06 13:24 . 2004-08-04 05:56 53760 ----a-w c:\windows\system32\dllcache\vfwwdm32.dll
2009-05-06 13:24 . 2004-08-04 05:56 53760 ----a-w c:\windows\system32\vfwwdm32.dll
2009-05-06 13:18 . 2009-05-06 13:18 -------- d-----w c:\program files\Common Files\LogiShrd
2009-05-05 20:38 . 2009-05-05 20:38 -------- d-----w c:\documents and settings\TEMP
2009-04-30 16:15 . 2009-04-30 16:15 181 ----a-w C:\43454354.bat
2009-04-24 20:15 . 2009-04-24 20:15 -------- d-----w c:\program files\AskBarDis
2009-04-10 20:40 . 2009-04-10 20:40 -------- d-----w c:\documents and settings\BLWD\Application Data\TeamViewer
2009-04-10 20:40 . 2009-04-10 20:40 -------- d-----w c:\documents and settings\BLWD\Application Data\TeamViewer
2009-04-10 20:40 . 2009-04-10 20:40 -------- d-----w c:\program files\TeamViewer
2009-04-10 20:40 . 2009-04-10 20:40 -------- d-----w c:\documents and settings\BLWD\temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-07 14:39 . 2007-09-06 13:14 8508818 ------w c:\windows\Internet Logs\tvDebug.Zip
2009-05-07 14:35 . 2007-02-13 16:17 32 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-07 14:35 . 2007-02-13 16:17 32 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-07 14:33 . 2001-08-23 17:00 143872 ----a-w c:\windows\system32\dkparxon.dll
2009-05-07 14:32 . 2001-08-23 17:00 104448 ----a-w c:\windows\system32\pilnnru.dll
2009-05-05 18:55 . 2009-05-05 18:59 2432000 ------w c:\windows\Internet Logs\xDB14.tmp
2009-04-29 13:24 . 2007-01-18 13:23 86712 ----a-w c:\documents and settings\BLWD\Application Data\GDIPFONTCACHEV1.DAT
2009-04-29 13:24 . 2007-01-18 13:23 86712 ----a-w c:\documents and settings\BLWD\Application Data\GDIPFONTCACHEV1.DAT
2009-04-21 13:11 . 2007-02-13 16:06 4212 ---ha-w c:\windows\system32\zllictbl.dat
2009-04-03 15:46 . 2009-04-03 15:46 49954 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_40_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 49999 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_36_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 49986 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_38_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 49986 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_34_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 49995 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_49_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 43641 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_33_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 13398374 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_51_full.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 49983 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_47_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 50040 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_42_small.dmp.zip
2009-04-03 15:46 . 2009-04-03 15:46 50009 ------w c:\windows\Internet Logs\vsmon_2nd_2009_04_03_10_39_45_small.dmp.zip
2009-04-03 13:23 . 2009-04-03 15:41 2363904 ------w c:\windows\Internet Logs\xDB13.tmp
2009-04-01 00:20 . 2005-10-14 18:33 72584 ----a-w c:\windows\zllsputility.exe
2009-04-01 00:20 . 2008-11-12 20:23 1221512 ----a-w c:\windows\system32\zpeng25.dll
2009-03-17 16:18 . 2009-03-17 16:20 2359296 ------w c:\windows\Internet Logs\xDB12.tmp
2008-03-19 13:23 . 2008-03-19 13:23 0 ----a-w c:\program files\temp01
2006-03-23 17:59 . 2006-03-23 17:59 81920 ----a-w c:\program files\CALENDAR CREATOR 7.mdb
2003-07-09 16:55 . 2003-07-09 16:55 271 --sh--w c:\program files\desktop.ini
2003-07-09 16:55 . 2003-07-09 16:55 23357 ---h--w c:\program files\folder.htt
2009-01-09 16:42 . 2009-01-09 16:41 0 --sha-w c:\windows\DRM\Cache\Indiv02.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0448671C-627B-4137-AF42-AB7B38573CDd}]
2009-05-07 14:33 143872 ----a-w c:\windows\system32\dkparxon.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 22:20 279944 ----a-w c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31D8AD79-AD01-4C60-B31E-EBD0FBC7DB9B}]
2001-08-23 17:00 104448 ----a-w c:\windows\system32\gyzmuzn.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2002-09-12 1101824]
"PayClockServer"="c:\payclock\PCSCMGR.EXE" [2006-05-31 352256]
"ToolBoxFX"="c:\program files\Hewlett-Packard\hp LaserJet 1160_1320 series\ToolBoxFX\bin\HPTLBXFX.exe" [2006-06-15 49152]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-04-01 982408]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2007-05-30 5419008]

c:\documents and settings\BLWD\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\QuickCam\eReg.exe [2008-2-13 493832]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-4-9 972064]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-3-10 692224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Canon iC D800 Status Window.LNK]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Canon iC D800 Status Window.LNK
backup=c:\windows\pss\Canon iC D800 Status Window.LNKCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
"LWBMOUSE"=c:\program files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
"TomcatStartup 2.5"=c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe
"TaskMonitor"=c:\windows\taskmon.exe
"PCHealth"=c:\windows\PCHealth\Support\PCHSchd.exe -s
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"StatusClient 2.6"=c:\program files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
"IrMon"=irmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"InCD"=c:\program files\Ahead\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"HP Port Resolver"=c:\windows\SYSTEM\hpbpro.exe
"HP Status Server"=c:\windows\SYSTEM\hpboid.exe
"SchedulingAgent"=mstask.exe
"*StateMgr"=c:\windows\System\Restore\StateMgr.exe
"StillImageMonitor"=c:\windows\SYSTEM32\STIMON.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"=
"c:\\PAYCLOCK\\MAPDB.exe"=
"c:\\PAYCLOCK\\MapDBWizard.exe"=
"c:\\PAYCLOCK\\Bteng32m.exe"=
"c:\\PAYCLOCK\\RBEdit.exe"=
"c:\\PAYCLOCK\\Pcihsv.exe"=
"c:\\PAYCLOCK\\Pcscmgr.exe"=
"c:\\PAYCLOCK\\dbmgr.exe"=
"c:\\PAYCLOCK\\RENYRUN.exe"=
"c:\\PAYCLOCK\\TERMMGR.exe"=
"c:\\PAYCLOCK\\Export32.exe"=
"c:\\PAYCLOCK\\LicMgr32.exe"=
"c:\\PAYCLOCK\\Reny.exe"=
"c:\\PAYCLOCK\\RepWrite.exe"=
"c:\\PAYCLOCK\\Register32.exe"=
"c:\\PAYCLOCK\\QB02Sync.exe"=
"c:\\PAYCLOCK\\QB03Sync.exe"=
"c:\\PAYCLOCK\\QBSetup.exe"=
"c:\\PAYCLOCK\\QB03Wiz.exe"=
"c:\\PAYCLOCK\\MsgCheck.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2007\\QBDBMgrN.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\WINDOWS\\System32\\ZoneLabs\\vsmon.exe"=

R0 BsStor;InCD Storage Helper Driver;c:\windows\SYSTEM32\DRIVERS\bsstor.sys [1/17/2007 11:13 AM 9344]
R0 ivzzpmue;ivzzpmue;c:\windows\SYSTEM32\DRIVERS\ivzzpmue.sys [8/23/2001 12:00 PM 23424]
R2 BsUDF;InCD UDF Driver;c:\windows\SYSTEM32\DRIVERS\bsudf.sys [1/17/2007 11:13 AM 448640]
R2 PayClockServer;PayClock Database Service;c:\payclock\Bteng32m.exe [11/8/2007 2:58 PM 200763]
R2 QuickBooksDB17;QuickBooksDB17;c:\progra~1\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 --> c:\progra~1\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [3/23/2009 3:35 AM 185640]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\SYSTEM32\DRIVERS\motccgp.sys [3/13/2008 9:46 AM 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\SYSTEM32\DRIVERS\motccgpfl.sys [3/13/2008 9:46 AM 7680]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c8fb36e-6942-11dd-89a1-00e04c95f93c}]
\Shell\AutoRun\command - F:\setupSNK.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:WIN9X /user /install

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:WIN9X /user /install
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:WIN9X /user /install

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:WIN9X /user /install
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
c:\windows\SYSTEM32\UPDCRL.EXE -e -u c:\windows\SYSTEM\verisignpub1.crl
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SYSTEM\blank.htm
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
TCP: {70ED319E-088B-4D3D-99E7-2D5469E64D8B} = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\windows\SYSTEM\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso4.cab
DPF: Win32 Classes
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://games.bigfishgames.com/en_chocolatier-2-secret-ingredients/online/Chocolatier2Web.1.0.0.10.cab
FF - ProfilePath - c:\documents and settings\BLWD\Application Data\Mozilla\Firefox\Profiles\ajgc4ain.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-07 09:43
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PayClockServer]
"ImagePath"="c:\payclock\BTENG32M.EXE /SCN:PayClockServer"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3052)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\progra~1\Intuit\QUICKB~1\QBDBMgrN.exe
c:\program files\TeamViewer\Version4\TeamViewer.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-05-07 9:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-07 14:46

Pre-Run: 23,379,836,928 bytes free
Post-Run: 23,557,439,488 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout = 30
default = multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS = "Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

526


Where do I go from here?

Thanks for any and all help you can provide.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP