
Author Topic: various trojan infection warnings and cannot download .exe  (Read 16116 times)


bobbysgirlonly

    Topic Starter


    Rookie

    Re: various trojan infection warnings and cannot download .exe
    « Reply #15 on: August 29, 2008, 01:48:03 AM »
    PART 1, HAVE TO DO THIS IN SEPARATE POSTS...........


    I had to run this from the other user account; I was still getting the error

    ComboFix 08-08-28.04 - test 2008-08-29  2:07:36.1 - NTFSx86
    Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.675 [GMT -4:00]
    Running from: C:\Documents and Settings\test\Desktop\ComboFix.exe
    Command switches used :: C:\Documents and Settings\test\Desktop\cfscript.txt
     * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    FILE ::
    C:\WINNT\system32\AFinding.exe
    C:\WINNT\system32\afisicx.exe
    C:\WINNT\system32\macidwe.exe
    C:\WINNT\system32\Nobicyt.exe
    C:\WINNT\system32\noxtcyr.exe
    C:\WINNT\system32\perfs.exe
    C:\WINNT\system32\routing.exe
    C:\WINNT\system32\roxtctm.exe
    C:\WINNT\system32\sobicyt.exe
    C:\WINNT\system32\tdxdowkc.exe
    C:\WINNT\system32\WServing.exe
    C:\WINNT\system32\wsldoekd.exe
    .

    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    C:\Documents and Settings\All Users\Application Data\ZangoSA
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\DriveCleaner HomePage.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\DriveCleaner Online Manual.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\DriveCleaner Online Support.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\DriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\Uninstall DriveCleaner.lnk
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\#SharedObjects\2CH5FVZ4\bin.clearspring.com
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\#SharedObjects\2CH5FVZ4\bin.clearspring.com\clearspring.sol
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\#SharedObjects\2CH5FVZ4\interclick.com
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\#SharedObjects\2CH5FVZ4\interclick.com\ud.sol
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
    C:\Documents and Settings\LocalService\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
    C:\Documents and Settings\LocalService\Application Data\NetMon
    C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
    C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
    C:\Documents and Settings\Owner\Application Data\DriveCleaner Free
    C:\Documents and Settings\Owner\Application Data\DriveCleaner Free\Logs\update.log
    C:\Documents and Settings\Owner\err.log
    C:\Documents and Settings\Owner\ResErrors.log
    C:\Program Files\Common Files\DriveCleaner Free
    C:\Program Files\outlook
    C:\Program Files\outlook\p.zip
    C:\Program Files\Screensavers.com
    C:\Program Files\screensavers.com\Installer\bin\siuninst.exe
    C:\Program Files\winupdate
    C:\RECYCLER\desktop.ini
    C:\setup.exe
    C:\WINNT\Downloaded Program Files\setup.inf

    bobbysgirlonly

      Topic Starter


      Rookie

      Re: various trojan infection warnings and cannot download .exe
      « Reply #16 on: August 29, 2008, 01:49:58 AM »
      PART 2..........


      bobbysgirlonly

        Topic Starter


        Rookie

        Re: various trojan infection warnings and cannot download .exe
        « Reply #17 on: August 29, 2008, 01:51:03 AM »
        PART 3...........




        bobbysgirlonly

          Topic Starter


          Rookie

          Re: various trojan infection warnings and cannot download .exe
          « Reply #18 on: August 29, 2008, 01:51:44 AM »
          PART 4.........

          C:\WINNT\Install.txt
          C:\WINNT\SNMPAPI.DLL
          C:\WINNT\system32\atsxyzd.sys
          C:\WINNT\system32\comsa32.sys
          C:\WINNT\system32\KBPK080812.log
          C:\WINNT\system32\roxtctm.exe
          C:\WINNT\system32\rtl60.bpl
          C:\WINNT\system32\sotpeca.exe
          C:\WINNT\system32\syspilog.pil
          C:\WINNT\system32\tmp0_239842534757.bk
          C:\WINNT\system32\tmp0_298631483972.bk
          C:\WINNT\system32\tmp0_362277416365.bk
          C:\WINNT\system32\tmp0_483464206746.bk
          C:\WINNT\system32\tmp0_752986259741.bk
          C:\WINNT\system32\tmp1_2683186973.bk
          C:\WINNT\system32\tmp1_279757721191.bk
          C:\WINNT\system32\tmp1_280093609914.bk
          C:\WINNT\system32\tmp1_348577106913.bk
          C:\WINNT\system32\tmp1_85396553527.bk

          .
          (((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          -------\Legacy_AFISICX
          -------\Legacy_MACIDWE
          -------\Legacy_NOXTCYR
          -------\Legacy_ROXTCTM
          -------\Legacy_SEUICTOL
          -------\Legacy_SOBICYT
          -------\Legacy_SOTPECA
          -------\Legacy_TDXDOWKC
          -------\Legacy_WSLDOEKD
          -------\Service_seuictol
          -------\Service_sotpeca


          (((((((((((((((((((((((((   Files Created from 2008-07-28 to 2008-08-29  )))))))))))))))))))))))))))))))
          .

          2008-08-24 14:33 . 2008-08-24 14:33   <DIR>   d---s----   C:\Documents and Settings\Administrator\UserData
          2008-08-19 02:00 . 2008-08-28 08:46   <DIR>   d--h-----   C:\$AVG8.VAULT$
          2008-08-19 01:58 . 2008-08-19 02:00   <DIR>   d--------   C:\Documents and Settings\Owner\Application Data\AVGTOOLBAR
          2008-08-19 01:52 . 2008-08-29 01:14   <DIR>   d--------   C:\WINNT\system32\drivers\Avg
          2008-08-19 01:52 . 2008-08-19 01:56   <DIR>   d--------   C:\Documents and Settings\test\Application Data\AVGTOOLBAR
          2008-08-19 01:52 . 2008-08-29 01:11   97,928   --a------   C:\WINNT\system32\drivers\avgldx86.sys
          2008-08-19 01:52 . 2008-08-19 01:52   76,040   --a------   C:\WINNT\system32\drivers\avgtdix.sys
          2008-08-19 01:52 . 2008-08-19 01:52   10,520   --a------   C:\WINNT\system32\avgrsstx.dll
          2008-08-19 01:51 . 2008-08-19 01:51   <DIR>   d--------   C:\Program Files\AVG
          2008-08-19 01:41 . 2008-08-19 01:41   <DIR>   d---s----   C:\Documents and Settings\test\UserData
          2008-08-19 00:32 . 2008-08-19 00:32   0   --a------   C:\WINNT\system32\Je5qtC11.exe.a_a
          2008-08-17 22:26 . 2008-06-19 17:24   28,544   --a------   C:\WINNT\system32\drivers\pavboot.sys
          2008-08-17 12:29 . 2008-08-17 12:29   <DIR>   d---s----   C:\Documents and Settings\LocalService\UserData
          2008-08-17 11:49 . 2008-08-17 11:49   <DIR>   d--------   C:\Documents and Settings\LocalService\Application Data\AdobeUM
          2008-08-16 21:30 . 2003-08-02 12:52   <DIR>   d--------   C:\Documents and Settings\test\Application Data\Symantec
          2008-08-16 21:30 . 2003-08-02 12:50   <DIR>   d--------   C:\Documents and Settings\test\Application Data\InterTrust
          2008-08-16 21:30 . 2008-08-19 01:41   <DIR>   d--------   C:\Documents and Settings\test
          2008-08-16 19:13 . 2008-08-19 01:51   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Avg8
          2008-08-16 16:05 . 2008-05-01 10:30   331,776   ---------   C:\WINNT\system32\dllcache\msadce.dll
          2008-08-13 13:39 . 2008-08-13 13:39   <DIR>   d--------   C:\windows
          2008-08-06 17:38 . 2008-08-06 17:38   <DIR>   d--------   C:\Documents and Settings\Owner\Application Data\UNOUndercover

          .
          ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-08-29 05:08   ---------   d-----w   C:\Documents and Settings\Owner\Application Data\WeatherBug
          2008-08-28 23:53   ---------   d-----w   C:\Program Files\Java
          2008-08-28 06:24   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
          2008-08-19 06:02   ---------   d---a-w   C:\Documents and Settings\All Users\Application Data\TEMP
          2008-08-19 05:47   ---------   d-----w   C:\Program Files\SpywareBlaster
          2008-08-17 01:30   ---------   d-----w   C:\Program Files\Web Publish
          2008-08-16 00:54   ---------   d-----w   C:\Program Files\Google
          2008-08-09 17:47   ---------   d-----w   C:\Program Files\IncrediMail
          2008-08-06 21:36   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\MumboJumbo
          2008-08-04 19:32   ---------   d-----w   C:\Documents and Settings\Owner\Application Data\Sheeplings
          2008-07-26 19:20   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\DVD Shrink
          2008-07-07 20:32   253,952   ----a-w   C:\WINNT\system32\es.dll
          2008-07-07 20:32   253,952   ------w   C:\WINNT\system32\dllcache\es.dll
          2008-06-24 16:23   74,240   ----a-w   C:\WINNT\system32\mscms.dll
          2008-06-24 16:23   74,240   ------w   C:\WINNT\system32\dllcache\mscms.dll
          2008-06-23 09:49   18,432   ------w   C:\WINNT\system32\dllcache\iedw.exe
          2008-06-20 17:41   245,248   ----a-w   C:\WINNT\system32\mswsock.dll
          2008-06-20 17:41   245,248   ----a-w   C:\WINNT\system32\dllcache\mswsock.dll
          2008-06-20 17:41   148,992   ----a-w   C:\WINNT\system32\dllcache\dnsapi.dll
          2008-06-20 10:45   360,320   ----a-w   C:\WINNT\system32\dllcache\tcpip.sys
          2008-06-20 10:44   138,368   ------w   C:\WINNT\system32\dllcache\afd.sys
          2008-06-20 09:52   225,920   ----a-w   C:\WINNT\system32\dllcache\tcpip6.sys
          2008-06-13 13:10   272,128   ------w   C:\WINNT\system32\dllcache\bthport.sys
          2007-11-10 18:55   115,176   ----a-w   C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
          2006-04-04 20:39   212   ----a-w   C:\Program Files\regfix.reg
          2006-04-01 20:10   220   ----a-w   C:\Documents and Settings\Owner\n.bat
          2006-03-30 07:46   774,144   ----a-w   C:\Program Files\RngInterstitial.dll
          2003-03-04 13:14   45,568   ----a-w   C:\Documents and Settings\Owner\onuninst.dll
          1998-07-03 20:27   7,488   ----a-w   C:\WINNT\inf\unregpn.exe
          2007-08-02 07:55   80   --sh--r   C:\WINNT\system32\C54E22B8EC.dll
          .

          (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          *Note* empty entries & legit default entries are not shown
          REGEDIT4

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
          "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-07-24 14:22 243072]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "GWMDMpi"="C:\WINNT\GWMDMpi.exe" [2002-08-06 15:24 53248]
          "EPSON Stylus Photo RX600"="C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE" [2003-09-10 03:00 99840]
          "IgfxTray"="C:\WINNT\system32\igfxtray.exe" [2005-06-21 17:48 155648]
          "HotKeysCmds"="C:\WINNT\system32\hkcmd.exe" [2005-06-21 17:44 126976]
          "NeroFilterCheck"="C:\WINNT\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
          "EPSON Stylus Photo RX600 (Copy 1)"="C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE" [2003-09-10 03:00 99840]
          "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-23 09:48 282624]
          "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-29 01:11 1235736]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
          "Hot Key Kbd 9910 Daemon"="SK9910DM.EXE" [2001-01-03 14:50 66048 C:\WINNT\system32\SK9910DM.EXE]
          "Logitech Utility"="Logi_MwX.Exe" [2002-11-08 05:50 19968 C:\WINNT\LOGI_MWX.EXE]
          "GWMDMMSG"="GWMDMMSG.exe" [2002-08-06 15:24 90112 C:\WINNT\GWMDMMSG.exe]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-07-24 14:22 243072]

          [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
          "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-24 13:06 77824]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
          2007-04-27 18:21 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
          "AppInit_DLLs"=AVGRSSTX.DLL,avgrsstx.dll

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
          "VIDC.VDOM"= vdowave.drv

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
          path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
          backup=C:\WINNT\pss\Adobe Gamma Loader.lnkCommon Startup

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
          path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
          backup=C:\WINNT\pss\Adobe Reader Speed Launch.lnkCommon Startup

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
          path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
          backup=C:\WINNT\pss\Microsoft Office.lnkCommon Startup

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
          --a------ 2005-06-07 00:46 57344 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
          --a------ 2006-05-23 09:48 282624 C:\Program Files\QuickTime\qttask.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
          --a------ 2005-01-12 04:01 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
          --a------ 2007-03-27 16:22 4670968 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\security center]
          "AntiVirusDisableNotify"=dword:00000001

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
          "EnableFirewall"= 0 (0x0)

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
          "%windir%\\system32\\sessmgr.exe"=
          "C:\\WINNT\\system32\\LEXPPS.EXE"=
          "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
          "C:\\StubInstaller.exe"=
          "C:\\Program Files\\PopCap Games\\Zuma Deluxe\\Zuma.exe"=
          "C:\\Program Files\\BearShare\\BearShare.exe"=
          "C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
          "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
          "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
          "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
          "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
          "C:\\Program Files\\Real\\RealOne Player\\trueplay.exe"=
          "C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
          "C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
          "C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
          "C:\\Program Files\\IncrediMail\\bin\\ImLc.exe"=
          "C:\\Program Files\\Zone.com Deluxe Games\\Wheel of Fortune Deluxe\\Wheel of Fortune Deluxe.exe"=
          "C:\\Program Files\\Yahoo! Games\\JEOPARDY!\\JEOPARDY!.exe"=
          "C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
          "C:\\Program Files\\IncrediMail\\bin\\ImSc.exe"=
          "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
          "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
          "9420:TCP"= 9420:TCP:Red Swoosh
          "5000:UDP"= 5000:UDP:Red Swoosh

          R0 pavboot;pavboot;C:\WINNT\system32\drivers\pavboot.sys [2008-06-19 17:24]
          R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINNT\system32\Drivers\avgldx86.sys [2008-08-29 01:11]
          R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-10-02 15:46]
          R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 01:11]
          R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 01:11]
          R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINNT\system32\Drivers\avgtdix.sys [2008-08-19 01:52]
          S3 PCDRDRV;Pcdr Helper Driver;C:\PROGRA~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys []
          S3 StreamSurge;StreamSurge Driver (miniport);C:\WINNT\system32\DRIVERS\ss.sys []

          [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\d2d5a19a-7530-43d2-baca-7a9ef323da99]
          C:\WINNT\system32\wqxuxz.exe
          .
          Contents of the 'Scheduled Tasks' folder
          .
          - - - - ORPHANS REMOVED - - - -

          MSConfigStartUp-AOLDialer - C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
          MSConfigStartUp-DAEMON Tools Lite - C:\Program Files\DAEMON Tools Lite\daemon.exe
          MSConfigStartUp-WeatherDPA - C:\Program Files\Zango\bin\10.3.37.0\Weather.exe
          MSConfigStartUp-ZangoSA - C:\Program Files\Zango\bin\10.3.37.0\ZangoSA.exe



          **************************************************************************

          catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-08-29 02:18:20
          Windows 5.1.2600 Service Pack 2 NTFS

          scanning hidden processes ...

          scanning hidden autostart entries ...

          scanning hidden files ...

          scan completed successfully
          hidden files: 0

          **************************************************************************
          .
          ------------------------ Other Running Processes ------------------------
          .
          C:\WINNT\system32\LEXBCES.EXE
          C:\WINNT\system32\LEXPPS.EXE
          C:\Program Files\Common Files\LightScribe\LSSrvc.exe
          C:\WINNT\system32\wscntfy.exe
          C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
          C:\Program Files\IncrediMail\bin\IMApp.exe
          C:\Program Files\AVG\AVG8\avgrsx.exe
          C:\Program Files\AVG\AVG8\avgrsx.exe
          .
          **************************************************************************
          .
          Completion time: 2008-08-29  2:30:19 - machine was rebooted
          ComboFix-quarantined-files.txt  2008-08-29 06:30:01

          Pre-Run: 17,453,203,456 bytes free
          Post-Run: 17,586,393,088 bytes free

          506   --- E O F ---   2008-08-17 09:06:45

          evilfantasy

          • Malware Removal Specialist
          • Moderator


          • Genius
          • Calm like a bomb
          • Thanked: 493
          • Experience: Experienced
          • OS: Windows 11
          Re: various trojan infection warnings and cannot download .exe
          « Reply #19 on: August 29, 2008, 12:34:26 PM »
          Download OTMoveIt2 by OldTimer
          • Save it to your desktop.
          Note: If you are running on Vista, right-click on OTMoveIt2.exe and choose Run As Administrator.

          • Double-click OTMoveIt2.exe to run it.
          • Copy the lines in the codebox below.
          Code:
          [kill explorer]
          HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\d2d5a19a-7530-43d2-baca-7a9ef323da99
          C:\WINNT\system32\Je5qtC11.exe.a_a
          EmptyTemp
          [start explorer]
          • Return to OTMoveIt2, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste
          • Click the red Moveit! button.
          • Copy everything in the Results window (under the green bar) and paste it in your next reply.
          • Close OTMoveIt2

          bobbysgirlonly

            Topic Starter


            Rookie

            Re: various trojan infection warnings and cannot download .exe
            « Reply #20 on: August 29, 2008, 02:17:58 PM »
            like before, i had to log on under another user to be able to download and run the application.......


            Explorer killed successfully
            < HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\d2d5a19a-7530-43d2-baca-7a9ef323da99 >
            Registry key HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\d2d5a19a-7530-43d2-baca-7a9ef323da99\\ deleted successfully.
            C:\WINNT\system32\Je5qtC11.exe.a_a moved successfully.
            < EmptyTemp >
            File delete failed. C:\WINNT\temp\IM\img66.htm scheduled to be deleted on reboot.
            File delete failed. C:\WINNT\temp\IM\imgF5.htm scheduled to be deleted on reboot.
            File delete failed. C:\WINNT\temp\slu1624.tmp\CATALOG.DAT scheduled to be deleted on reboot.
            File delete failed. C:\WINNT\temp\slu1624.tmp\CCERASER.DLL scheduled to be deleted on reboot.
            Temp folders emptied.
            IE temp folders emptied.
            Explorer started successfully
             
            OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08292008_161556

            bobbysgirlonly


              Re: various trojan infection warnings and cannot download .exe
              « Reply #21 on: August 29, 2008, 02:24:05 PM »
              here is the log after reboot

              Explorer killed successfully
              < HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\d2d5a19a-7530-43d2-baca-7a9ef323da99 >
              Registry key HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\d2d5a19a-7530-43d2-baca-7a9ef323da99\\ deleted successfully.
              C:\WINNT\system32\Je5qtC11.exe.a_a moved successfully.
              < EmptyTemp >
              File delete failed. C:\WINNT\temp\IM\img66.htm scheduled to be deleted on reboot.
              File delete failed. C:\WINNT\temp\IM\imgF5.htm scheduled to be deleted on reboot.
              File delete failed. C:\WINNT\temp\slu1624.tmp\CATALOG.DAT scheduled to be deleted on reboot.
              File delete failed. C:\WINNT\temp\slu1624.tmp\CCERASER.DLL scheduled to be deleted on reboot.
              Temp folders emptied.
              IE temp folders emptied.
              Explorer started successfully
               
              OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08292008_161556

              Files moved on Reboot...
              File move failed. C:\WINNT\temp\IM\img66.htm scheduled to be moved on reboot.
              File move failed. C:\WINNT\temp\IM\imgF5.htm scheduled to be moved on reboot.
              File move failed. C:\WINNT\temp\slu1624.tmp\CATALOG.DAT scheduled to be moved on reboot.
              DllUnregisterServer procedure not found in C:\WINNT\temp\slu1624.tmp\CCERASER.DLL
              C:\WINNT\temp\slu1624.tmp\CCERASER.DLL NOT unregistered.
              File move failed. C:\WINNT\temp\slu1624.tmp\CCERASER.DLL scheduled to be moved on reboot.

              bobbysgirlonly


                Re: various trojan infection warnings and cannot download .exe
                « Reply #22 on: August 29, 2008, 02:31:11 PM »
                i tried this again in case i did something wrong, but still got the same results

                evilfantasy

                Re: various trojan infection warnings and cannot download .exe
                « Reply #23 on: August 29, 2008, 07:17:25 PM »
                You may end up deleting the account and creating a new one. Sounds like it is corrupted.

                Download ATF Cleaner by Atribune to your Desktop.

                Alternate download link

                Note: Vista users must use Run As Administrator
                • Under Main: Select Files to Delete choose: Select All.
                • Click the Empty Selected button.
                • If you use Firefox browser click Firefox at the top and choose: Select All
                • Click the Empty Selected button.
                  If you would like to keep your saved passwords click No at the prompt.
                • If you use Opera browser click Opera at the top and choose: Select All
                • Click the Empty Selected button.
                  If you would like to keep your saved passwords click No at the prompt.
                • Click Exit on the Main menu to close the program.
                Note that your system will run slower for a reboot or two after having used this tool so don't panic.

                Important: Restart the computer before continuing.

                ----------

                Run the Kaspersky Online Scanner

                In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.

                • Click on SCAN NOW
                • Click Accept.
                • The program will then begin downloading the latest definition files.
                • Once the files have been downloaded locate the Scan Settings and have it scan My Computer.
                • The scan will take a while, so be patient and let it finish.
                When the scan is done, in the Scan is complete window, any infection is displayed.
                There is no option to clean/disinfect, however, we need to analyze the information on the report.

                To obtain the report:
                Click on: Save Report As
                • Next, in the Save as prompt, Save in area, select: Desktop.
                • In the File name area use KScan, or something similar.
                • In Save as type: click the drop arrow and select: Text file [*.txt]
                • Then, click: Save


                Copy and paste the Kaspersky Online Scanner Report in your next reply.

                Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

                bobbysgirlonly


                  Re: various trojan infection warnings and cannot download .exe
                  « Reply #24 on: August 30, 2008, 09:40:00 PM »
                  i think i know the answer, but my electric went out this morning before i got to save the log from the online scanner, do i have to do that all over again to get the log?

                  evilfantasy

                  Re: various trojan infection warnings and cannot download .exe
                  « Reply #25 on: August 30, 2008, 09:41:18 PM »
                  Without the log we will never know if anything is still infected.

                  bobbysgirlonly


                    Re: various trojan infection warnings and cannot download .exe
                    « Reply #26 on: August 31, 2008, 02:32:36 PM »
                    it saved as a html doc, so i just copied and pasted, let me know if this is ok..........  thanks again for everything so far!!


                    KASPERSKY ONLINE SCANNER 7 REPORT 
                    Sunday, August 31, 2008
                    Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
                    Kaspersky Online Scanner 7 version: 7.0.25.0
                    Program database last update: Sunday, August 31, 2008 05:30:26
                    Records in database: 1171636
                     
                     
                    Scan settings
                    Scan using the following database extended
                    Scan archives yes
                    Scan mail databases yes
                     
                    Scan area My Computer
                    C:\
                    D:\
                    E:\
                    F:\
                    H:\ 
                     
                    Scan statistics
                    Files scanned 210324
                    Threat name 29
                    Infected objects 34
                    Suspicious objects 0
                    Duration of the scan 04:34:30

                    File name Threat name Threats count
                    C:\Documents and Settings\Owner\Desktop\Utilities\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1 
                     
                    C:\Program Files\AWS\WeatherBug\WeatherBugInstall.exe Infected: not-a-virus:AdWare.Win32.MyWay.j 1 
                     
                    C:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe Infected: not-a-virus:AdWare.Win32.180Solutions.ao 1 
                     
                    C:\QooBox\Quarantine\C\WINNT\system32\roxtctm.exe.vir Infected: Trojan.Win32.Agent.abaw 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP530\A0053771.exe Infected: Trojan.Win32.Agent.zja 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP530\A0053772.exe Infected: Trojan.Win32.Agent.zpq 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP530\A0053774.exe Infected: Trojan.Win32.Agent.aasl 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP531\A0053864.exe Infected: Trojan.Win32.Agent.zja 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP531\A0053866.exe Infected: Trojan.Win32.Agent.zgg 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP532\A0053919.exe Infected: Trojan.Win32.Agent.zja 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP532\A0053921.exe Infected: Trojan.Win32.Agent.ziy 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP532\A0053934.exe Infected: Trojan.Win32.Agent.znh 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP535\A0053966.exe Infected: Trojan.Win32.Agent.zrw 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054094.exe Infected: Trojan.Win32.Agent.aame 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054095.exe Infected: Trojan.Win32.Agent.aawv 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054097.exe Infected: Trojan.Win32.Agent.abay 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054099.sys Infected: Trojan-Clicker.Win32.VB.buv 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054100.exe Infected: Trojan.Win32.Agent.abax 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054102.exe Infected: Trojan.Win32.Agent.abbh 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054105.sys Infected: Trojan-Clicker.Win32.VB.bvz 1 
                     
                    C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP548\A0054413.exe Infected: Trojan.Win32.Agent.abaw 1 
                     
                    C:\WINNT\system32\tmpxr_834124770098.bk Infected: Trojan.Win32.Agent.zjb 1 
                     
                    C:\WINNT\system32\tpszxyd.sys Infected: Trojan.Win32.DNSChanger.iez 1 
                     
                    C:\WINNT\system32\xdufytw.sys Infected: Trojan-Clicker.Win32.VB.bvy 1 
                     
                    F:\Games\Fish Tycoon\FishTycoon.exe Infected: Trojan-Downloader.Win32.Agent.aekl 1 
                     
                    F:\Games\Fishing Craze\FishingCraze.exe Infected: Trojan-Downloader.Win32.Agent.adup 1 
                     
                    F:\Games\IQ Identity Quest\I.Q. Identity Quest.exe Infected: Trojan-Downloader.Win32.Agent.adtb 1 
                     
                    F:\Games\Mystery Case Files Prime Suspects\PrimeSuspects.exe.bak Infected: Trojan-Downloader.Win32.Agent.adla 1 
                     
                    F:\Games\Pat Sajaks Lucky Letters TV Guide Edition\Lucky_Letters_TVG.exe Infected: Trojan-Downloader.Win32.Agent.adpm 1 
                     
                    F:\Games\Pat Sajaks Trivia Gems\TriviaGems.exe Infected: Trojan-Downloader.Win32.Agent.adpm 1 
                     
                    F:\Games\Saints And Sinners Bingo\SSBingo.exe Infected: Trojan-Downloader.Win32.Agent.adnf 1 
                     
                    F:\Games\Sallys Spa\SallysSpa.exe Infected: Trojan-Downloader.Win32.Agent.adis 1 
                     
                    F:\Games\Slingo Quest\SlingoQuest.exe Infected: Trojan-Downloader.Win32.Agent.adnf 1 
                     
                    F:\Games\Yumsters\Yumsters.exe Infected: Trojan-Downloader.Win32.Agent.aefk 1 
                     
                    The selected area was scanned.

                    evilfantasy

                    Re: various trojan infection warnings and cannot download .exe
                    « Reply #27 on: August 31, 2008, 02:44:39 PM »
                    Uninstall ComboFix

                    • Click START then RUN
                    • Now type Combofix /u in the runbox
                    • Make sure there's a space between Combofix and /u
                    • Then hit Enter.
                    ----------

                    • Double-click OTMoveIt2.exe to run it.
                    • Copy the lines in the codebox below.
                    Code:
                    [kill explorer]
                    C:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe
                    C:\WINNT\system32\tmpxr_834124770098.bk
                    C:\WINNT\system32\tpszxyd.sys
                    C:\WINNT\system32\xdufytw.sys
                    F:\Games\Fish Tycoon\FishTycoon.exe
                    F:\Games\Fishing Craze\FishingCraze.exe
                    F:\Games\IQ Identity Quest\I.Q. Identity Quest.exe
                    F:\Games\Mystery Case Files Prime Suspects\PrimeSuspects.exe.bak
                    F:\Games\Pat Sajaks Lucky Letters TV Guide Edition\Lucky_Letters_TVG.exe
                    F:\Games\Pat Sajaks Trivia Gems\TriviaGems.exe
                    F:\Games\Saints And Sinners Bingo\SSBingo.exe
                    F:\Games\Sallys Spa\SallysSpa.exe
                    F:\Games\Slingo Quest\SlingoQuest.exe
                    F:\Games\Yumsters\Yumsters.exe
                    EmptyTemp
                    [start explorer]
                    • Return to OTMoveIt2, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste
                    • Click the red Moveit! button.
                    • Copy everything in the Results window (under the green bar) and paste it in your next reply.
                    • Close OTMoveIt2
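
The triage behind the move list in Reply #27, as an added example that is not part of the thread or of any tool named in it: it sorts scanner report lines by where the file sits, because copies inside System Restore snapshots and ComboFix's QooBox quarantine are not live files and are handled by the restore-point and uninstall steps rather than by a move list. The bucket names, the `Finding` type and the rule that `not-a-virus:` detections go to manual review are assumptions of this sketch; the sample lines are an excerpt of the report posted above.

```python
import re
from collections import Counter, defaultdict, namedtuple

# Excerpt of the Kaspersky Online Scanner report posted in this thread
# (a subset of its lines, copied as posted).
REPORT = r"""
C:\Documents and Settings\Owner\Desktop\Utilities\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe Infected: not-a-virus:AdWare.Win32.180Solutions.ao 1
C:\QooBox\Quarantine\C\WINNT\system32\roxtctm.exe.vir Infected: Trojan.Win32.Agent.abaw 1
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP530\A0053771.exe Infected: Trojan.Win32.Agent.zja 1
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP542\A0054099.sys Infected: Trojan-Clicker.Win32.VB.buv 1
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP548\A0054413.exe Infected: Trojan.Win32.Agent.abaw 1
C:\WINNT\system32\tpszxyd.sys Infected: Trojan.Win32.DNSChanger.iez 1
C:\WINNT\system32\xdufytw.sys Infected: Trojan-Clicker.Win32.VB.bvy 1
F:\Games\Fish Tycoon\FishTycoon.exe Infected: Trojan-Downloader.Win32.Agent.aekl 1
F:\Games\IQ Identity Quest\I.Q. Identity Quest.exe Infected: Trojan-Downloader.Win32.Agent.adtb 1
The selected area was scanned.
"""

Finding = namedtuple("Finding", "path threat count")

# "<path> Infected: <threat name> <count>"; paths may contain spaces.
LINE_RE = re.compile(r"^(?P<path>.+?)\s+Infected:\s+(?P<threat>\S+)\s+(?P<count>\d+)\s*$")
# System Restore snapshot copy; captures the restore point folder (RPnnn).
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[^}]+\}\\(RP\d+)\\", re.I)
QUARANTINE_PREFIX = "c:\\qoobox\\quarantine\\"  # ComboFix quarantine folder


def parse_report(text):
    """Return a Finding for every detection line; other lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            findings.append(Finding(m["path"], m["threat"], int(m["count"])))
    return findings


def classify(finding):
    """Bucket a detection by where the file lives (assumed bucket names)."""
    if RESTORE_RE.search(finding.path):
        return "restore-point"   # cleared when old restore points are purged
    if finding.path.lower().startswith(QUARANTINE_PREFIX):
        return "quarantine"      # already neutralised by ComboFix
    if finding.threat.startswith("not-a-virus:"):
        return "review"          # adware/risk tools: a person decides
    return "live"                # active file on disk: move-list candidate


def triage(text):
    """Group all detections in a report by bucket."""
    buckets = defaultdict(list)
    for finding in parse_report(text):
        buckets[classify(finding)].append(finding)
    return buckets


def restore_points(findings):
    """Sorted names of the restore points that hold detected copies."""
    names = set()
    for finding in findings:
        m = RESTORE_RE.search(finding.path)
        if m:
            names.add(m.group(1))
    return sorted(names)


def family_counts(findings):
    """Count detections per name with the trailing variant suffix removed."""
    counts = Counter()
    for finding in findings:
        name = finding.threat.split(":", 1)[-1]   # drop "not-a-virus:" if present
        counts[name.rsplit(".", 1)[0]] += finding.count
    return counts


if __name__ == "__main__":
    buckets = triage(REPORT)
    for name in ("live", "review", "quarantine", "restore-point"):
        print(f"[{name}]")
        for finding in buckets[name]:
            print(f"  {finding.threat:45} {finding.path}")
    print("restore points with detections:",
          ", ".join(restore_points(buckets["restore-point"])))
    print("live families:", dict(family_counts(buckets["live"])))
```

The `review` bucket is deliberately not merged into `live`: in the thread the helper moved the BearShare installer but left the SmitfraudFix `Reboot.exe` detection alone, which is a judgement call rather than a rule.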

                    bobbysgirlonly


                      Re: various trojan infection warnings and cannot download .exe
                      « Reply #28 on: August 31, 2008, 02:57:56 PM »
                      Explorer killed successfully
                      C:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe moved successfully.
                      C:\WINNT\system32\tmpxr_834124770098.bk moved successfully.
                      C:\WINNT\system32\tpszxyd.sys moved successfully.
                      C:\WINNT\system32\xdufytw.sys moved successfully.
                      F:\Games\Fish Tycoon\FishTycoon.exe moved successfully.
                      F:\Games\Fishing Craze\FishingCraze.exe moved successfully.
                      F:\Games\IQ Identity Quest\I.Q. Identity Quest.exe moved successfully.
                      F:\Games\Mystery Case Files Prime Suspects\PrimeSuspects.exe.bak moved successfully.
                      F:\Games\Pat Sajaks Lucky Letters TV Guide Edition\Lucky_Letters_TVG.exe moved successfully.
                      F:\Games\Pat Sajaks Trivia Gems\TriviaGems.exe moved successfully.
                      F:\Games\Saints And Sinners Bingo\SSBingo.exe moved successfully.
                      F:\Games\Sallys Spa\SallysSpa.exe moved successfully.
                      F:\Games\Slingo Quest\SlingoQuest.exe moved successfully.
                      F:\Games\Yumsters\Yumsters.exe moved successfully.
                      < EmptyTemp >
                      File delete failed. C:\WINNT\temp\IM\img66.htm scheduled to be deleted on reboot.
                      File delete failed. C:\WINNT\temp\IM\imgF5.htm scheduled to be deleted on reboot.
                      File delete failed. C:\WINNT\temp\slu1624.tmp\CATALOG.DAT scheduled to be deleted on reboot.
                      File delete failed. C:\WINNT\temp\slu1624.tmp\CCERASER.DLL scheduled to be deleted on reboot.
                      Temp folders emptied.
                      IE temp folders emptied.
                      Explorer started successfully
                       
                      OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08312008_165439

                      evilfantasy

                      Re: various trojan infection warnings and cannot download .exe
                      « Reply #29 on: August 31, 2008, 03:02:52 PM »
                      Looks good. Time to clean up.

                      1. Double click OTMoveIt2.exe to launch it.
                      If using Vista Right-Click OTMoveIt and choose Run As Administrator
                      2. Click on the CleanUp! button.
                      3. OTMoveIt2 will download a list from the Internet. If your firewall or other defensive programs alert you, allow it access.
                      4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?)
                      • When finished exit out of OTMoveIt2
                      ----------

                      Set a New Restore Point to prevent possible reinfection from an old one
                      Setting a new restore point AFTER cleaning your system will enable your computer to roll-back to a clean working state if needed.
                      • Go to Start > Programs > Accessories > System Tools and click System Restore
                      • Choose the radio button marked Create a Restore Point on the first screen, then click Next. Give the Restore Point a name, then click Create.
                      • The new restore point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
                      • Next go to Start > Run and type Cleanmgr
                      • Click OK
                      • Click the More Options Tab.
                      • Click Clean Up in the System Restore section to remove all previous restore points except the newly created clean one.
                      You can find instructions on how to enable and re-enable system restore here:

                      Windows XP System Restore Guide or Windows Vista System Restore Guide
                      ----------

                      Use the Secunia Software Inspector to check for out of date software.
                      • Click Start Now
                      • Check the box next to Enable thorough system inspection.
                      • Click Start
                      • Allow the scan to finish and scroll down to see if any updates are needed.
                      • Update anything listed.
                      ----------

                      Important: You Need to Update Windows and Internet Explorer regularly to protect your computer from the malware and other security threats that are on the Internet. Go to Microsoft Windows Update and get all critical updates.

                      ----------

                      To prevent unknown applications from being installed on your computer install WinPatrol 2008
                      * Using Winpatrol to protect your computer from malicious software

                      I suggest using SiteAdvisor. SiteAdvisor rates sites on business practices and spam. Safety ratings from McAfee SiteAdvisor are based on automated safety tests of Web sites.

                      SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
                      * Using SpywareBlaster to protect your computer from Spyware and Malware
                      * If you don't know what ActiveX controls are, see here

                      Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

                      Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.