NevadaDave

Members
  • Content Count

    11
About NevadaDave

  • Rank
    Member
  • Birthday 01/01/1970

Profile Information

  • Location
    Sparks, NV
  • Interests
    SUPERANTISPYWARE
  1. I downloaded and ran the ComboFix program. It didn't solve the problem. I posted the log on BleepingComputer.com under the Win XP Pro subject. If you can decipher anything out of it, here's the log:

     ComboFix 08-02-25.3 - Owner 2008-02-28 14:02:33.1 - NTFSx86
     Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.182 [GMT -8:00]
     Running from: C:\Documents and Settings\Owner.Cameron\Desktop\ComboFix.exe
     .
     ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     C:\Program Files\Helper
     C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55
     D:\Autorun.inf
     .
     ((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-28 )))))))))))))))))))))))))))))))
     .
     2008-02-27 12:56 . 2008-02-27 13:01
     2008-02-27 11:49 . 2008-02-27 12:21
     2008-02-22 19:57 . 2008-02-22 19:57
     2008-02-22 19:57 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll
     2008-02-21 22:49 . 2008-02-25 15:33
     2008-02-21 00:51 . 2008-02-26 15:19
     2008-02-05 11:37 . 2008-02-05 11:37 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
     .
     (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2008-02-25 08:02 --------- d-----w C:\Program Files\Common Files\AOL
     2008-02-22 19:09 --------- d-----w C:\Program Files\Common Files\Adobe
     2008-02-21 08:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
     2008-02-21 08:53 --------- d-----w C:\Program Files\Common Files\Symantec Shared
     2008-01-27 00:30 --------- d-----w C:\Program Files\SUPERAntiSpyware
     2008-01-27 00:30 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\SUPERAntiSpyware.com
     2008-01-27 00:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
     2008-01-27 00:29 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
     2008-01-26 12:00 --------- d-----w C:\Program Files\Viewpoint
     2008-01-26 12:00 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\acccore
     2008-01-26 12:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
     2008-01-26 11:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL OCP
     2008-01-26 11:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
     2008-01-26 00:11 --------- d-----w C:\Program Files\Apple Software Update
     2008-01-26 00:10 --------- d-----w C:\Program Files\Common Files\Apple
     2008-01-26 00:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
     2008-01-23 07:23 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\Move Networks
     2008-01-10 09:26 --------- d-----w C:\Program Files\RapidTyping
     2008-01-09 22:16 --------- d-----w C:\Program Files\Google
     2007-12-29 02:47 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\LearnLift
     2007-12-07 00:44 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
     2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
     .
     ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-01-25 10:11 1462272] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24 32768] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 15:47 98394] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 15:47 688218] "Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" [ ] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-12-24 01:54 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-12-24 01:54 118784] "MsgCenterExe"="C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" [ ] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19 52840] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 17:30 517768] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2006-06-20 08:22:35 2168360] Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe [2007-01-08 17:01:03 114688] 
Directrec Configuration Tool.lnk - C:\Program Files\Olympus\DSSPlayer\DirectrecConfig.exe [2007-01-08 17:00:58 122880] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"= "C:\\Program Files\\iTunes\\iTunes.exe"= R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 13:38] *Newly Created Service* - COMHOST . Contents of the 'Scheduled Tasks' folder "2007-03-08 16:36:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2006-06-20 03:08:53 C:\WINDOWS\Tasks\ISP signup reminder 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2008-02-23 04:01:32 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Owner.job" - C:\PROGRA~1\NORTON~2\NORTON~1\Navw32.exeh/TASK: . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-28 14:06:09 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-02-28 14:07:24 ComboFix-quarantined-files.txt 2008-02-28 22:07:03 . 
2008-02-14 01:44:58 --- E O F ---
  2. Tried everything but the Combofix and nothing helped. Problem still present. What is Combofix?
  3. Thanks for the ideas, I'll try them. Can't do the system restore as my computer wasn't ever enabled to do it. Lesson learned. What is Combofix and how do I access it? Thanks
  4. LOL, porn would have been a lot better than the constant "your system is infected and you need to download this product" crap that I was getting. It seems to have destroyed two drivers. My Broadcom LAN and Broadcom wireless devices. I appreciate all your help.
  5. And here's the scan log after I restored the items in quarantine and then rescan 02/26/08; SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 02/26/2008 at 03:15 PM Application Version : 4.0.1114 Core Rules Database Version : 3407 Trace Rules Database Version: 1399 Scan type : Complete Scan Total Scan Time : 00:09:02 Memory items scanned : 502 Memory threats detected : 4 Registry items scanned : 5785 Registry threats detected : 160 File items scanned : 1992 File threats detected : 21
  6. Here's the scan log on 02/21/08, the day the problem started; SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 02/21/2008 at 11:10 AM Application Version : 4.0.1114 Core Rules Database Version : 3407 Trace Rules Database Version: 1399 Scan type : Complete Scan Total Scan Time : 00:09:00 Memory items scanned : 516 Memory threats detected : 4 Registry items scanned : 5768 Registry threats detected : 160 File items scanned : 1993 File threats detected : 58
  7. The saga continues.... I reran SAS to remove the quarantined items I restored. After the scanning was complete, it asked to reboot, which I did. Upon reboot, I got the blue screen of death again. It rebooted on its own and took me into safe mode, where I selected "restore with last known good config". My system came back up normally but, again, without my LAN or wireless drivers or the ability to reinstall them. Still sounds like SAS is part of the problem. Anyone have any idea why it would go to the blue screen after a scan / reboot? Thanks
  8. Well, I restored my last quarantine. This is the one before I started having problems with the internet devices mentioned above. I still have the problems; the restoration didn't have anything quarantined that would resolve my problem. Although the device drivers are listed, Windows is unable to load the drivers and gives me "error 31". It just seems weird that these devices would go out right after doing a scan and repair with SAS. If anyone has any other ideas, they would be greatly appreciated. Thanks
  9. Thanks. Is there anything in SAS that would disable my internet connection devices as a safeguard?
  10. I had a spyware infection and SAS cleaned it up. When it was done scanning and cleaning, it looked like I got the blue screen of death. I managed to recover by booting back up in the last known good configuration. My problem now is I lost the device drivers for my Broadcom LAN and Broadcom wireless devices. It keeps telling me it can't load the drivers. I've uninstalled each device and reloaded with existing drivers. I even went to Broadcom's site and downloaded replacement drivers but nothing works. My devices still won't work and I can't gain access to the internet from that computer because both the LAN and wireless devices have been disabled. Can anyone offer any ideas? Thanks