Jump to content
NevadaDave

Lost Device Drivers

Recommended Posts

I had a spyware infection and SAS cleaned it up. When it was done scanning and cleaning, it looked like I got the blue screen of death. I managed to recover booting back up in the last known good configutration. My problem now is I lost the device drivers for my Broadcom LAN and Broadcom wireless devices. It keeps telling me it can't load the drivers. I've uninstalled each device and reloaded with existing drivers. I even went to Broadcom's site and downloaded replacement drivers but nothing works. My devices still won't work and I can't gain access to the internet from that computer brcause both the LAN and wireless devices have been disabled.

Can anyone offer any ideas?

Thanks

Share this post


Link to post
Share on other sites
I had a spyware infection and SAS cleaned it up. When it was done scanning and cleaning, it looked like I got the blue screen of death. I managed to recover booting back up in the last known good configutration. My problem now is I lost the device drivers for my Broadcom LAN and Broadcom wireless devices. It keeps telling me it can't load the drivers. I've uninstalled each device and reloaded with existing drivers. I even went to Broadcom's site and downloaded replacement drivers but nothing works. My devices still won't work and I can't gain access to the internet from that computer brcause both the LAN and wireless devices have been disabled.

Can anyone offer any ideas?

Thanks

Anything SUPERAntiSpyware removed is in our quarantine and can be restored.

Share this post


Link to post
Share on other sites

Well, I restored my last quarentine. This is the one before I started having problems with the internet devices mentioned above. I still have the problems the restoration didn't have anything quarentined that would resolve my problem. Although the device drivers are listed, Windows is unable to load the drivers and gives me "error 31". It just seems wierd that these devices would go out right after doing a scan and repair with SAS.

If anyone has any other ideas, they would be greatly appreciated.

Thanks

Share this post


Link to post
Share on other sites

The saga continues....

I reran SAS to remove the quarentined items I restored. After the scanning was complete, it asked to reboot which I did. Upon reboot, I got the blue screen of death again. It rebooted on it's own and took me into safe mode where i select "restore with last known good config". My system came back up normally but, again, without my LAN or wireless drivers or the ability to reinstall them.

Still sound like SAS is part of the problem. Anyone have any idea why it would go to the blue screen after a scan / reboot?

Thanks

Share this post


Link to post
Share on other sites
The saga continues....

I reran SAS to remove the quarentined items I restored. After the scanning was complete, it asked to reboot which I did. Upon reboot, I got the blue screen of death again. It rebooted on it's own and took me into safe mode where i select "restore with last known good config". My system came back up normally but, again, without my LAN or wireless drivers or the ability to reinstall them.

Still sound like SAS is part of the problem. Anyone have any idea why it would go to the blue screen after a scan / reboot?

Thanks

Post your scan log from the most infected portion here please. It's likely the infection you have that is the problem.

Share this post


Link to post
Share on other sites

Here's the scan log on 02/21/08, the day the problem started;

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 02/21/2008 at 11:10 AM

Application Version : 4.0.1114

Core Rules Database Version : 3407

Trace Rules Database Version: 1399

Scan type : Complete Scan

Total Scan Time : 00:09:00

Memory items scanned : 516

Memory threats detected : 4

Registry items scanned : 5768

Registry threats detected : 160

File items scanned : 1993

File threats detected : 58

Trojan.Media-Codec/V5

C:\PROGRAM FILES\NETPROJECT\SCIT.EXE

C:\PROGRAM FILES\NETPROJECT\SCIT.EXE

C:\PROGRAM FILES\NETPROJECT\SCM.EXE

C:\PROGRAM FILES\NETPROJECT\SCM.EXE

C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE

C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE

C:\PROGRAM FILES\NETPROJECT\SBSM.EXE

C:\PROGRAM FILES\NETPROJECT\SBSM.EXE

[some] C:\PROGRAM FILES\NETPROJECT\SCIT.EXE

[start] C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE

HKLM\Software\Classes\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories\{00021493-0000-0000-C000-000000000046}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32#ThreadingModel

C:\PROGRAM FILES\NETPROJECT\WAMDL.DLL

HKLM\Software\Microsoft\Internet Explorer\Toolbar#{81705D67-3F73-4983-859B-97D0922E5ABE}

C:\WINDOWS\Prefetch\SBMNTR.EXE-22367E87.pf

C:\WINDOWS\Prefetch\SBSM.EXE-0482749B.pf

C:\WINDOWS\Prefetch\SCIT.EXE-08C95C8D.pf

C:\WINDOWS\Prefetch\SCM.EXE-10EE30C5.pf

Unclassified.Unknown Origin

HKLM\Software\Classes\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32#ThreadingModel

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\ProgID

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\Programmable

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\TypeLib

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\VersionIndependentProgID

C:\PROGRAM FILES\HELPER\1203583939.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

Trojan.Media-Codec/V4

HKLM\Software\Classes\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}#xxx

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32#ThreadingModel

C:\PROGRAM FILES\NETPROJECT\SBMDL.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#some [ C:\Program Files\NetProject\scit.exe ]

HKCR\multimediaControls.chl

HKCR\multimediaControls.chl\CLSID

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion

Trojan.Smitfraud Variant

HKLM\Software\Classes\CLSID\{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c}

HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}

HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32

HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32#ThreadingModel

C:\WINDOWS\SYSTEM32\WBCHHA.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c}

Trojan.Smitfraud Variant/IE Anti-Spyware

HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E}

Adware.Tracking Cookie

C:\Documents and Settings\Owner.Cameron\Cookies\owner@cgi-bin[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@server.cpmstar[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.xxxlookups[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@rdr.hitmngr[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@programs.wegcash[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@revenue[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.malwarecore[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@tacoda[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@adserver[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@tribalfusion[3].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@advancedcleaner[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@2o7[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@specificclick[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.antispyshield[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@yadro[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@usatoday1.112.2o7[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@eb.adbureau[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@interclick[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@revsci[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.burstbeacon[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@collective-media[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@winpcdoctor[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@html[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@ads-dev.youporn[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@adopt.specificclick[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@sale.winspycontrol[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@burstnet[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@ad.us-ec.adtechus[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.burstnet[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@atwola[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@youporn[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.tns-counter[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@puresafetyhere[2].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@winspycontrol[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@anad.tacoda[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@wegcash[1].txt

C:\Documents and Settings\Owner.Cameron\Cookies\owner@winsecureav[1].txt

Trojan.Security Toolbar

C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url

C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url

C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url

C:\Documents and Settings\All Users\Desktop\Online Security Guide.url

Trojan.DNSChanger-Codec

HKCR\CLSID\E404.e404mgr

HKCR\CLSID\E404.e404mgr#UserId

Malware.SpyLocked

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#UninstallString

Adware.E404 Helper/Hij

HKCR\E404.e404mgr

HKCR\E404.e404mgr\CLSID

HKCR\E404.e404mgr\CurVer

HKCR\E404.e404mgr.1

HKCR\E404.e404mgr.1\CLSID

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid32

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib#Version

Adware.E404 Helper

C:\Program Files\SOTFONE\1203583942.dll

C:\Program Files\SOTFONE

Rogue.VirusHeat

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}#AppID

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\cncmfw

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\dImf

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\edxnRFvhYvj

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\egBZA

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32#ThreadingModel

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\mHfHdQUMqdd

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\ProgID

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\VersionIndependentProgID

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0\win32

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\FLAGS

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\HELPDIR

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid32

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib#Version

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid32

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib#Version

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid32

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib#Version

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid32

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib#Version

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid32

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib#Version

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid32

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib#Version

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid32

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib#Version

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid32

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib#Version

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid32

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib#Version

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid32

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib#Version

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid32

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib#Version

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid32

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib#Version

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid32

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib#Version

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid32

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib#Version

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid32

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib#Version

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid32

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib#Version

C:\Program Files\VirusHeat 4.3\VirusHeat 4.3.exe

C:\Program Files\VirusHeat 4.3

C:\WINDOWS\Prefetch\VIRUSHEAT 4.3.EXE-0D8A249B.pf

Share this post


Link to post
Share on other sites

And here's the scan log after I restored the items in quarentine and then rescan 02/26/08;

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 02/26/2008 at 03:15 PM

Application Version : 4.0.1114

Core Rules Database Version : 3407

Trace Rules Database Version: 1399

Scan type : Complete Scan

Total Scan Time : 00:09:02

Memory items scanned : 502

Memory threats detected : 4

Registry items scanned : 5785

Registry threats detected : 160

File items scanned : 1992

File threats detected : 21

Trojan.Media-Codec/V5

C:\PROGRAM FILES\NETPROJECT\SCIT.EXE

C:\PROGRAM FILES\NETPROJECT\SCIT.EXE

C:\PROGRAM FILES\NETPROJECT\SCM.EXE

C:\PROGRAM FILES\NETPROJECT\SCM.EXE

C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE

C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE

C:\PROGRAM FILES\NETPROJECT\SBSM.EXE

C:\PROGRAM FILES\NETPROJECT\SBSM.EXE

[some] C:\PROGRAM FILES\NETPROJECT\SCIT.EXE

[start] C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE

HKLM\Software\Classes\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories\{00021493-0000-0000-C000-000000000046}

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32

HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32#ThreadingModel

C:\PROGRAM FILES\NETPROJECT\WAMDL.DLL

HKLM\Software\Microsoft\Internet Explorer\Toolbar#{81705D67-3F73-4983-859B-97D0922E5ABE}

C:\WINDOWS\Prefetch\SBMNTR.EXE-22367E87.pf

C:\WINDOWS\Prefetch\SBSM.EXE-0482749B.pf

C:\WINDOWS\Prefetch\SCIT.EXE-08C95C8D.pf

C:\WINDOWS\Prefetch\SCM.EXE-10EE30C5.pf

Unclassified.Unknown Origin

HKLM\Software\Classes\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32#ThreadingModel

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\ProgID

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\Programmable

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\TypeLib

HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\VersionIndependentProgID

C:\PROGRAM FILES\HELPER\1203583939.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

Trojan.Media-Codec/V4

HKLM\Software\Classes\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}#xxx

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32

HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32#ThreadingModel

C:\PROGRAM FILES\NETPROJECT\SBMDL.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#some [ C:\Program Files\NetProject\scit.exe ]

HKCR\multimediaControls.chl

HKCR\multimediaControls.chl\CLSID

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion

Trojan.Smitfraud Variant

HKLM\Software\Classes\CLSID\{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c}

HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}

HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32

HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32#ThreadingModel

C:\WINDOWS\SYSTEM32\WBCHHA.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c}

Trojan.Smitfraud Variant/IE Anti-Spyware

HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E}

Trojan.Security Toolbar

C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url

C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url

C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url

C:\Documents and Settings\All Users\Desktop\Online Security Guide.url

Trojan.DNSChanger-Codec

HKCR\CLSID\E404.e404mgr

HKCR\CLSID\E404.e404mgr#UserId

Malware.SpyLocked

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#UninstallString

Adware.E404 Helper/Hij

HKCR\E404.e404mgr

HKCR\E404.e404mgr\CLSID

HKCR\E404.e404mgr\CurVer

HKCR\E404.e404mgr.1

HKCR\E404.e404mgr.1\CLSID

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS

HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid32

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib

HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib#Version

Adware.E404 Helper

C:\Program Files\SOTFONE\1203583942.dll

C:\Program Files\SOTFONE

Rogue.VirusHeat

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}#AppID

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\cncmfw

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\dImf

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\edxnRFvhYvj

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\egBZA

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32#ThreadingModel

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\mHfHdQUMqdd

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\ProgID

HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\VersionIndependentProgID

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0\win32

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\FLAGS

HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\HELPDIR

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid32

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib

HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib#Version

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid32

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib

HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib#Version

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid32

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib

HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib#Version

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid32

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib

HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib#Version

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid32

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib

HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib#Version

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid32

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib

HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib#Version

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid32

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib

HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib#Version

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid32

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib

HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib#Version

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid32

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib

HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib#Version

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid32

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib

HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib#Version

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid32

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib

HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib#Version

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid32

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib

HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib#Version

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid32

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib

HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib#Version

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid32

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib

HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib#Version

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid32

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib

HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib#Version

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid32

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib

HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib#Version

C:\Program Files\VirusHeat 4.3\VirusHeat 4.3.exe

C:\Program Files\VirusHeat 4.3

C:\WINDOWS\Prefetch\VIRUSHEAT 4.3.EXE-0D8A249B.pf

Share this post


Link to post
Share on other sites

LOL, porn would have been a lot better than the constant "your system is infected and you need to download this product" crap that I was getting. It seems to have destroyed two drivers. My Broadcom LAN and Broadcom wireless devices.

I appreciate all your help.

Share this post


Link to post
Share on other sites

1) Have you tried a system restore (if applicable) to a few days ago?

2) Reboot to safe mode, run SAS again, remove all infections found

3) Run combofix

4) It doesn't appear that the tcp/ip stack is hosed, but I would go to the SAS prefs > repairs > repair broken network connection anyhow :)

5) Uninstall the network devices in the device manager > reboot > reinstall

Share this post


Link to post
Share on other sites

Thanks for the ideas, I'll try them.

Can't do the system restore as my computer wasn't ever enabled to do it. Lesson learned.

What is combofix and how do I access it?

Thanks

Share this post


Link to post
Share on other sites

I downloaded and ran the Combofix program. It didn't solve the problem. I posted the log on BleepingComputer.com under the Win XP Pro subject. If you ca decifer anything out of it, here's the log;

ComboFix 08-02-25.3 - Owner 2008-02-28 14:02:33.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.182 [GMT -8:00]

Running from: C:\Documents and Settings\Owner.Cameron\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Program Files\Helper

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\dirty_dishes.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\foodtray.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart3.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\menu_down.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\menu_up.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\mop_prop.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\ticket.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a2.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a3.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a4.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\mainmenumusic.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\baby_cry.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\chef_cook1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\closing_time.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\customer_ditch.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\dialog_down.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\dialog_up.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\drink_table.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\expert.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\highchair_deliver.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\highchair_pickup.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\keystroke2.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\level_lose.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\level_win.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\menu_click.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\menu_rollover.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\mop_pickup.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\mop_spill.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_bring_check_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_deliver_food_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_dropoff_drinks_1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_food_ready_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_gain_heart_1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_get_drinks_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_menu_down.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_party_arrive_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_pencil_write_2.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_pickup_food_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_seat_people_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\spill.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\table_drink.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\tip_2.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\flo_lose.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\flo_win.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\fullscreendialog.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\high_score_menu_bg.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelintro.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelintro.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelover.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\longdialog.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\longdialog.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\mainmenu.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\mainmenu_logo.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\popup.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\popup.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\textfield.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\upgrade_lines.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_rotated_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_rotated_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_highlight.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_normal.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_selected.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_3.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_3.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a3.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_mask.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_mask.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_down.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_up.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\welcome_player.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\actionpoints.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\career.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\customer.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\endless.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\global.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\powerups.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cook\stove.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\arrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\click.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\click2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\grab.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\open.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\baby.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\baby.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue_baby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red_baby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\idle.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\idle.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\lower.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\lower.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\upper.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\upper.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\fonts\mercurius.mvec

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\bench.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\bench.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\blue_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\chair.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\chair.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dirt2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dirt4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dishcart.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dishcart.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\green_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchair_prop_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchair_prop_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchairbaby.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchairbaby.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\luxury_bench.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\luxury_bench.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium_heart.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium_heart.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\purple_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\radio.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\red_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\spill.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\spill.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\stereo.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\ticketstation.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\ticketstation.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\yellow_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\family.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help_dividerline.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_colormatch1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_colormatch2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_noise.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_score.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_cleardishes.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_givecheck.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_pickupfood.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_servefood.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_takeorder.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\hiscore\local-hs-bb.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\hiscore\p1icon.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_1.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_2.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_3.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_4.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_5.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_6.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_a.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_b.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_c.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\playfirstlogo.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\background.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\green.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\green.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\grey.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\cup1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\food.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\food.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\frames\2_0.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\frames\2_1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\people\cook.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\people\cook.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\props\cup_prop1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\2top.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\4top.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrades.xml

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\tableshadow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\careerupgrade.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\choosedifficulty.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\closeconfirm.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\entername.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\game.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\getmoregames.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\help1.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\help2.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscore.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscoreinfo.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscoresubmit.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\levelintro.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\levelover.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\loading.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\mainloop.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\mainmenu.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\ok.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\pause.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\style.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\upgrade.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\upsell.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\yesno.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\splash\aol_logo.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\splash\playfirst_logo.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\strings.xml

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\angersmoke.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\angersmoke.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_bubble.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_mop.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_rejectmeal.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\chairflags.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\chairflags.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\check.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\checkmark.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\closed.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\coinflip.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\coinflip.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\decor_lines.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\dollar.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\expert.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\foodpoof.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\foodpoof.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\heartgrow.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\heartgrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\jar.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\jar.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\lives_icon.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\noisering.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_d.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_e.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_f.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tablenumber_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tablenumber_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\traynumber.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tutorialarrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tutorialbox.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_base.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_hand.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_timer_off.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_timer_on.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgradeanim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd1.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd2.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd3.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd4.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\dinerdash2.exe

D:\Autorun.inf

.

((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-28 )))))))))))))))))))))))))))))))

.

2008-02-27 12:56 . 2008-02-27 13:01

2008-02-27 11:49 . 2008-02-27 12:21

2008-02-22 19:57 . 2008-02-22 19:57

2008-02-22 19:57 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll

2008-02-21 22:49 . 2008-02-25 15:33

2008-02-21 00:51 . 2008-02-26 15:19

2008-02-05 11:37 . 2008-02-05 11:37 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-02-25 08:02 --------- d-----w C:\Program Files\Common Files\AOL

2008-02-22 19:09 --------- d-----w C:\Program Files\Common Files\Adobe

2008-02-21 08:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-02-21 08:53 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2008-01-27 00:30 --------- d-----w C:\Program Files\SUPERAntiSpyware

2008-01-27 00:30 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\SUPERAntiSpyware.com

2008-01-27 00:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2008-01-27 00:29 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2008-01-26 12:00 --------- d-----w C:\Program Files\Viewpoint

2008-01-26 12:00 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\acccore

2008-01-26 12:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint

2008-01-26 11:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL OCP

2008-01-26 11:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL

2008-01-26 00:11 --------- d-----w C:\Program Files\Apple Software Update

2008-01-26 00:10 --------- d-----w C:\Program Files\Common Files\Apple

2008-01-26 00:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple

2008-01-23 07:23 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\Move Networks

2008-01-10 09:26 --------- d-----w C:\Program Files\RapidTyping

2008-01-09 22:16 --------- d-----w C:\Program Files\Google

2007-12-29 02:47 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\LearnLift

2007-12-07 00:44 666,112 ----a-w C:\WINDOWS\system32\wininet.dll

2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-01-25 10:11 1462272]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24 32768]

"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 15:47 98394]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 15:47 688218]

"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" [ ]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-12-24 01:54 155648]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-12-24 01:54 118784]

"MsgCenterExe"="C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" [ ]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19 52840]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496]

"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 17:30 517768]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2006-06-20 08:22:35 2168360]

Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe [2007-01-08 17:01:03 114688]

Directrec Configuration Tool.lnk - C:\Program Files\Olympus\DSSPlayer\DirectrecConfig.exe [2007-01-08 17:00:58 122880]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 13:38]

*Newly Created Service* - COMHOST

.

Contents of the 'Scheduled Tasks' folder

"2007-03-08 16:36:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2006-06-20 03:08:53 C:\WINDOWS\Tasks\ISP signup reminder 1.job"

- C:\WINDOWS\system32\OOBE\oobebaln.exe

"2008-02-23 04:01:32 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Owner.job"

- C:\PROGRA~1\NORTON~2\NORTON~1\Navw32.exeh/TASK:

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-28 14:06:09

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-02-28 14:07:24

ComboFix-quarantined-files.txt 2008-02-28 22:07:03

.

2008-02-14 01:44:58 --- E O F ---

Share this post


Link to post
Share on other sites

I don't know if this is any help, or even if it will work for you, but I also got the blue screen following a reboot after scanning and deleting a huge amount of malware (a badly infected machine - not mine!!)

I rebooted again and the machine went into a reboot cycle so I managed to get it into safe mode, logged in as Aministrator then ran the scan again. More malware was found and deleted.

The machine then rebooted fine into normal XP.

The first scan was done in a normal boot while a whole load of malware pop-ups were going on - it was impossible to close them all before another popped up. I have a feeling that the problem was caused by this fact and that SAS couldn't delete everything, as it was active, and ended up half doing the job. Booting into safe mode made sure it could clean up properly - that's my assumption anyway. I may be totally off beam here but I think I'll run future scans - certainly on badly infected machines - in safe mode to start with.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×