NevadaDave Posted February 26, 2008 I had a spyware infection and SAS cleaned it up. When it was done scanning and cleaning, it looked like I got the blue screen of death. I managed to recover booting back up in the last known good configutration. My problem now is I lost the device drivers for my Broadcom LAN and Broadcom wireless devices. It keeps telling me it can't load the drivers. I've uninstalled each device and reloaded with existing drivers. I even went to Broadcom's site and downloaded replacement drivers but nothing works. My devices still won't work and I can't gain access to the internet from that computer brcause both the LAN and wireless devices have been disabled. Can anyone offer any ideas? Thanks Share this post Link to post Share on other sites
SUPERAntiSpy Posted February 26, 2008 I had a spyware infection and SAS cleaned it up. When it was done scanning and cleaning, it looked like I got the blue screen of death. I managed to recover booting back up in the last known good configutration. My problem now is I lost the device drivers for my Broadcom LAN and Broadcom wireless devices. It keeps telling me it can't load the drivers. I've uninstalled each device and reloaded with existing drivers. I even went to Broadcom's site and downloaded replacement drivers but nothing works. My devices still won't work and I can't gain access to the internet from that computer brcause both the LAN and wireless devices have been disabled.Can anyone offer any ideas? Thanks Anything SUPERAntiSpyware removed is in our quarantine and can be restored. Share this post Link to post Share on other sites
NevadaDave Posted February 26, 2008 Thanks, Is there anything in SAS that would disable my internet comnnection devices as a safeguard? Share this post Link to post Share on other sites
SUPERAntiSpy Posted February 26, 2008 Thanks,Is there anything in SAS that would disable my internet comnnection devices as a safeguard? Nope, not at all. Share this post Link to post Share on other sites
NevadaDave Posted February 26, 2008 Well, I restored my last quarentine. This is the one before I started having problems with the internet devices mentioned above. I still have the problems the restoration didn't have anything quarentined that would resolve my problem. Although the device drivers are listed, Windows is unable to load the drivers and gives me "error 31". It just seems wierd that these devices would go out right after doing a scan and repair with SAS. If anyone has any other ideas, they would be greatly appreciated. Thanks Share this post Link to post Share on other sites
NevadaDave Posted February 26, 2008 The saga continues.... I reran SAS to remove the quarentined items I restored. After the scanning was complete, it asked to reboot which I did. Upon reboot, I got the blue screen of death again. It rebooted on it's own and took me into safe mode where i select "restore with last known good config". My system came back up normally but, again, without my LAN or wireless drivers or the ability to reinstall them. Still sound like SAS is part of the problem. Anyone have any idea why it would go to the blue screen after a scan / reboot? Thanks Share this post Link to post Share on other sites
SUPERAntiSpy Posted February 26, 2008 The saga continues....I reran SAS to remove the quarentined items I restored. After the scanning was complete, it asked to reboot which I did. Upon reboot, I got the blue screen of death again. It rebooted on it's own and took me into safe mode where i select "restore with last known good config". My system came back up normally but, again, without my LAN or wireless drivers or the ability to reinstall them. Still sound like SAS is part of the problem. Anyone have any idea why it would go to the blue screen after a scan / reboot? Thanks Post your scan log from the most infected portion here please. It's likely the infection you have that is the problem. Share this post Link to post Share on other sites
NevadaDave Posted February 26, 2008 How do i find the scan Log? Share this post Link to post Share on other sites
SUPERAntiSpy Posted February 26, 2008 How do i find the scan Log? Under the SUPERAntiSpyware Preferences->Logs Share this post Link to post Share on other sites
NevadaDave Posted February 26, 2008 Here's the scan log on 02/21/08, the day the problem started; SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 02/21/2008 at 11:10 AM Application Version : 4.0.1114 Core Rules Database Version : 3407 Trace Rules Database Version: 1399 Scan type : Complete Scan Total Scan Time : 00:09:00 Memory items scanned : 516 Memory threats detected : 4 Registry items scanned : 5768 Registry threats detected : 160 File items scanned : 1993 File threats detected : 58 Trojan.Media-Codec/V5 C:\PROGRAM FILES\NETPROJECT\SCIT.EXE C:\PROGRAM FILES\NETPROJECT\SCIT.EXE C:\PROGRAM FILES\NETPROJECT\SCM.EXE C:\PROGRAM FILES\NETPROJECT\SCM.EXE C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE C:\PROGRAM FILES\NETPROJECT\SBSM.EXE C:\PROGRAM FILES\NETPROJECT\SBSM.EXE [some] C:\PROGRAM FILES\NETPROJECT\SCIT.EXE [start] C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE HKLM\Software\Classes\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories\{00021493-0000-0000-C000-000000000046} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32 HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32#ThreadingModel C:\PROGRAM FILES\NETPROJECT\WAMDL.DLL HKLM\Software\Microsoft\Internet Explorer\Toolbar#{81705D67-3F73-4983-859B-97D0922E5ABE} C:\WINDOWS\Prefetch\SBMNTR.EXE-22367E87.pf C:\WINDOWS\Prefetch\SBSM.EXE-0482749B.pf C:\WINDOWS\Prefetch\SCIT.EXE-08C95C8D.pf C:\WINDOWS\Prefetch\SCM.EXE-10EE30C5.pf Unclassified.Unknown Origin HKLM\Software\Classes\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32 HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32#ThreadingModel HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\ProgID HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\Programmable HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\TypeLib HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\VersionIndependentProgID C:\PROGRAM FILES\HELPER\1203583939.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} Trojan.Media-Codec/V4 HKLM\Software\Classes\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}#xxx HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32 HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32#ThreadingModel C:\PROGRAM FILES\NETPROJECT\SBMDL.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#some [ C:\Program Files\NetProject\scit.exe ] HKCR\multimediaControls.chl HKCR\multimediaControls.chl\CLSID HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion Trojan.Smitfraud Variant HKLM\Software\Classes\CLSID\{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c} HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C} HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32 HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32#ThreadingModel C:\WINDOWS\SYSTEM32\WBCHHA.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c} Trojan.Smitfraud Variant/IE Anti-Spyware HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E} Adware.Tracking Cookie C:\Documents and Settings\Owner.Cameron\Cookies\owner@cgi-bin[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@server.cpmstar[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.xxxlookups[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@rdr.hitmngr[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@programs.wegcash[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@revenue[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.malwarecore[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@tacoda[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@adserver[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@tribalfusion[3].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@advancedcleaner[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@2o7[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@specificclick[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.antispyshield[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@yadro[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@usatoday1.112.2o7[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@eb.adbureau[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@interclick[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@revsci[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.burstbeacon[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@collective-media[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@winpcdoctor[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@html[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@ads-dev.youporn[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@adopt.specificclick[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@sale.winspycontrol[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@burstnet[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@ad.us-ec.adtechus[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.burstnet[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@atwola[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@youporn[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@www.tns-counter[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@puresafetyhere[2].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@winspycontrol[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@anad.tacoda[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@wegcash[1].txt C:\Documents and Settings\Owner.Cameron\Cookies\owner@winsecureav[1].txt Trojan.Security Toolbar C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url C:\Documents and Settings\All Users\Desktop\Online Security Guide.url Trojan.DNSChanger-Codec HKCR\CLSID\E404.e404mgr HKCR\CLSID\E404.e404mgr#UserId Malware.SpyLocked HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#UninstallString Adware.E404 Helper/Hij HKCR\E404.e404mgr HKCR\E404.e404mgr\CLSID HKCR\E404.e404mgr\CurVer HKCR\E404.e404mgr.1 HKCR\E404.e404mgr.1\CLSID HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB} HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836} HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid32 HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib#Version Adware.E404 Helper C:\Program Files\SOTFONE\1203583942.dll C:\Program Files\SOTFONE Rogue.VirusHeat HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1} HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}#AppID HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\cncmfw HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\dImf HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\edxnRFvhYvj HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\egBZA HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32 HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32#ThreadingModel HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\mHfHdQUMqdd HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\ProgID HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\VersionIndependentProgID HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF} HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0\win32 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\FLAGS HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\HELPDIR HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2} HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid32 HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib#Version HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE} HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid32 HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib#Version HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0} HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid32 HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib#Version HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870} HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid32 HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib#Version HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8} HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid32 HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib#Version HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246} HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid32 HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib#Version HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7} HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid32 HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib#Version HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D} HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid32 HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib#Version HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4} HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid32 HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib#Version HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E} HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid32 HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib#Version HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C} HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid32 HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib#Version HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6} HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid32 HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib#Version HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF} HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid32 HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib#Version HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F} HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid32 HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib#Version HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9} HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid32 HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib#Version HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01} HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid32 HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib#Version C:\Program Files\VirusHeat 4.3\VirusHeat 4.3.exe C:\Program Files\VirusHeat 4.3 C:\WINDOWS\Prefetch\VIRUSHEAT 4.3.EXE-0D8A249B.pf Share this post Link to post Share on other sites
NevadaDave Posted February 26, 2008 And here's the scan log after I restored the items in quarentine and then rescan 02/26/08; SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 02/26/2008 at 03:15 PM Application Version : 4.0.1114 Core Rules Database Version : 3407 Trace Rules Database Version: 1399 Scan type : Complete Scan Total Scan Time : 00:09:02 Memory items scanned : 502 Memory threats detected : 4 Registry items scanned : 5785 Registry threats detected : 160 File items scanned : 1992 File threats detected : 21 Trojan.Media-Codec/V5 C:\PROGRAM FILES\NETPROJECT\SCIT.EXE C:\PROGRAM FILES\NETPROJECT\SCIT.EXE C:\PROGRAM FILES\NETPROJECT\SCM.EXE C:\PROGRAM FILES\NETPROJECT\SCM.EXE C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE C:\PROGRAM FILES\NETPROJECT\SBSM.EXE C:\PROGRAM FILES\NETPROJECT\SBSM.EXE [some] C:\PROGRAM FILES\NETPROJECT\SCIT.EXE [start] C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE HKLM\Software\Classes\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\Implemented Categories\{00021493-0000-0000-C000-000000000046} HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32 HKCR\CLSID\{81705D67-3F73-4983-859B-97D0922E5ABE}\InprocServer32#ThreadingModel C:\PROGRAM FILES\NETPROJECT\WAMDL.DLL HKLM\Software\Microsoft\Internet Explorer\Toolbar#{81705D67-3F73-4983-859B-97D0922E5ABE} C:\WINDOWS\Prefetch\SBMNTR.EXE-22367E87.pf C:\WINDOWS\Prefetch\SBSM.EXE-0482749B.pf C:\WINDOWS\Prefetch\SCIT.EXE-08C95C8D.pf C:\WINDOWS\Prefetch\SCM.EXE-10EE30C5.pf Unclassified.Unknown Origin HKLM\Software\Classes\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32 HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\InprocServer32#ThreadingModel HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\ProgID HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\Programmable HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\TypeLib HKCR\CLSID\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}\VersionIndependentProgID C:\PROGRAM FILES\HELPER\1203583939.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C566C34-7D72-4DC1-9BBE-1121A76698F8} Trojan.Media-Codec/V4 HKLM\Software\Classes\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}#xxx HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32 HKCR\CLSID\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}\InprocServer32#ThreadingModel C:\PROGRAM FILES\NETPROJECT\SBMDL.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#some [ C:\Program Files\NetProject\scit.exe ] HKCR\multimediaControls.chl HKCR\multimediaControls.chl\CLSID HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion Trojan.Smitfraud Variant HKLM\Software\Classes\CLSID\{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c} HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C} HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32 HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32#ThreadingModel C:\WINDOWS\SYSTEM32\WBCHHA.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c} Trojan.Smitfraud Variant/IE Anti-Spyware HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E} Trojan.Security Toolbar C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url C:\Documents and Settings\All Users\Desktop\Online Security Guide.url Trojan.DNSChanger-Codec HKCR\CLSID\E404.e404mgr HKCR\CLSID\E404.e404mgr#UserId Malware.SpyLocked HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#UninstallString Adware.E404 Helper/Hij HKCR\E404.e404mgr HKCR\E404.e404mgr\CLSID HKCR\E404.e404mgr\CurVer HKCR\E404.e404mgr.1 HKCR\E404.e404mgr.1\CLSID HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB} HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836} HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid32 HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib#Version Adware.E404 Helper C:\Program Files\SOTFONE\1203583942.dll C:\Program Files\SOTFONE Rogue.VirusHeat HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1} HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}#AppID HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\cncmfw HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\dImf HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\edxnRFvhYvj HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\egBZA HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32 HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\LocalServer32#ThreadingModel HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\mHfHdQUMqdd HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\ProgID HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\VersionIndependentProgID HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF} HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0\win32 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\FLAGS HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\HELPDIR HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2} HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid32 HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib#Version HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE} HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid32 HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib#Version HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0} HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid32 HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib#Version HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870} HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid32 HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib#Version HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8} HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid32 HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib#Version HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246} HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid32 HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib#Version HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7} HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid32 HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib#Version HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D} HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid32 HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib#Version HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4} HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid32 HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib#Version HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E} HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid32 HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib#Version HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C} HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid32 HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib#Version HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6} HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid32 HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib#Version HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF} HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid32 HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib#Version HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F} HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid32 HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib#Version HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9} HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid32 HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib#Version HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01} HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid32 HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib#Version C:\Program Files\VirusHeat 4.3\VirusHeat 4.3.exe C:\Program Files\VirusHeat 4.3 C:\WINDOWS\Prefetch\VIRUSHEAT 4.3.EXE-0D8A249B.pf Share this post Link to post Share on other sites
SUPERAntiSpy Posted February 27, 2008 Classic Porn Infection. My guess is the spyware has damaged one of the drivers. I will see what can be done. Share this post Link to post Share on other sites
NevadaDave Posted February 27, 2008 LOL, porn would have been a lot better than the constant "your system is infected and you need to download this product" crap that I was getting. It seems to have destroyed two drivers. My Broadcom LAN and Broadcom wireless devices. I appreciate all your help. Share this post Link to post Share on other sites
EliteKiller Posted February 27, 2008 1) Have you tried a system restore (if applicable) to a few days ago? 2) Reboot to safe mode, run SAS again, remove all infections found 3) Run combofix 4) It doesn't appear that the tcp/ip stack is hosed, but I would go to the SAS prefs > repairs > repair broken network connection anyhow 5) Uninstall the network devices in the device manager > reboot > reinstall Share this post Link to post Share on other sites
NevadaDave Posted February 27, 2008 Thanks for the ideas, I'll try them. Can't do the system restore as my computer wasn't ever enabled to do it. Lesson learned. What is combofix and how do I access it? Thanks Share this post Link to post Share on other sites
EliteKiller Posted February 27, 2008 Click on combofix since it is a URL. Share this post Link to post Share on other sites
NevadaDave Posted February 27, 2008 Tried everything but the Combofix and nothing helped. Problem still present. What is Combofix? Share this post Link to post Share on other sites
EliteKiller Posted February 28, 2008 Click on combofix since it is a URL. http://www.bleepingcomputer.com/combofi ... e-combofix Share this post Link to post Share on other sites
NevadaDave Posted February 28, 2008 I downloaded and ran the Combofix program. It didn't solve the problem. I posted the log on BleepingComputer.com under the Win XP Pro subject. If you ca decifer anything out of it, here's the log; ComboFix 08-02-25.3 - Owner 2008-02-28 14:02:33.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.182 [GMT -8:00] Running from: C:\Documents and Settings\Owner.Cameron\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\Helper C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55 C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\dirty_dishes.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\foodtray.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart2.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart3.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\menu_down.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\menu_up.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\mop_prop.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\ticket.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a1.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a2.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a3.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a4.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\mainmenumusic.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\baby_cry.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\chef_cook1.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\closing_time.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\customer_ditch.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\dialog_down.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\dialog_up.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\drink_table.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\expert.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\highchair_deliver.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\highchair_pickup.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\keystroke2.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\level_lose.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\level_win.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\menu_click.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\menu_rollover.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\mop_pickup.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\mop_spill.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_bring_check_1_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_deliver_food_1_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_dropoff_drinks_1.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_food_ready_1_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_gain_heart_1.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_get_drinks_1_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_menu_down.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_party_arrive_1_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_pencil_write_2.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_pickup_food_1_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_seat_people_snd.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\spill.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\table_drink.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\tip_2.ogg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\flo_lose.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\flo_win.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\fullscreendialog.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\high_score_menu_bg.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelintro.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelintro.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelover.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\longdialog.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\longdialog.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\mainmenu.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\mainmenu_logo.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\popup.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\popup.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\textfield.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\upgrade_lines.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_rotated_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_rotated_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_highlight.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_normal.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_selected.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_2.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_3.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_2.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_3.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a2.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a3.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_mask.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_mask.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_down.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_over.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_up.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\welcome_player.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\actionpoints.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\career.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\customer.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\endless.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\global.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\powerups.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cook\stove.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\arrow.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\click.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\click2.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\grab.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\open.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\anim.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\blue.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\blue_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\legs.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\red.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\red_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\anim.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\blue.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\blue_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\legs.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\red.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\red_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\anim.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\baby.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\baby.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue_baby.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\legs.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red_baby.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\anim.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\anim.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\blue.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\blue_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\legs.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\red.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\red_legs.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\idle.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\idle.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\lower.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\lower.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\upper.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\upper.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\fonts\mercurius.mvec C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\bench.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\bench.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\blue_highchairbaby.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\chair.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\chair.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dirt2top.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dirt4top.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dishcart.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dishcart.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\green_highchairbaby.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchair_prop_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchair_prop_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchairbaby.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchairbaby.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\luxury_bench.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\luxury_bench.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium_heart.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium_heart.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\purple_highchairbaby.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\radio.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\red_highchairbaby.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\spill.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\spill.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\stereo.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\ticketstation.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\ticketstation.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\yellow_highchairbaby.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\family.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help_dividerline.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_colormatch1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_colormatch2.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_noise.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_score.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_cleardishes.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_givecheck.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_pickupfood.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_servefood.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_takeorder.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\hiscore\local-hs-bb.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\hiscore\p1icon.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_1.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_2.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_3.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_4.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_5.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_6.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_a.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_b.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_c.bin C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\playfirstlogo.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\background.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\blue.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\green.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\green.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\grey.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\red.pal C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\cup1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\food.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\food.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\frames\2_0.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\frames\2_1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\people\cook.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\people\cook.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\props\cup_prop1.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\2top.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\2top.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\4top.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\4top.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrades.xml C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\tableshadow.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\careerupgrade.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\choosedifficulty.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\closeconfirm.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\entername.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\game.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\getmoregames.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\help1.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\help2.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscore.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscoreinfo.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscoresubmit.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\levelintro.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\levelover.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\loading.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\mainloop.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\mainmenu.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\ok.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\pause.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\style.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\upgrade.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\upsell.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\yesno.lua C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\splash\aol_logo.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\splash\playfirst_logo.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\strings.xml C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\angersmoke.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\angersmoke.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_bubble.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_mop.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_rejectmeal.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\chairflags.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\chairflags.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\check.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\checkmark.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\closed.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\coinflip.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\coinflip.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\decor_lines.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\dollar.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\expert.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\foodpoof.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\foodpoof.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\heartgrow.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\heartgrow.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\jar.anm C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\jar.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\lives_icon.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\noisering.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_d.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_e.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_f.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tablenumber_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tablenumber_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\traynumber.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tutorialarrow.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tutorialbox.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_base.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_hand.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_timer_off.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_timer_on.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgradeanim.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_a.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_b.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_c.png C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd1.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd2.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd3.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd4.jpg C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.55\dinerdash2.exe D:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-28 ))))))))))))))))))))))))))))))) . 2008-02-27 12:56 . 2008-02-27 13:01 2008-02-27 11:49 . 2008-02-27 12:21 2008-02-22 19:57 . 2008-02-22 19:57 2008-02-22 19:57 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll 2008-02-21 22:49 . 2008-02-25 15:33 2008-02-21 00:51 . 2008-02-26 15:19 2008-02-05 11:37 . 2008-02-05 11:37 664 --a------ C:\WINDOWS\system32\d3d9caps.dat . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-25 08:02 --------- d-----w C:\Program Files\Common Files\AOL 2008-02-22 19:09 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-21 08:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-02-21 08:53 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-01-27 00:30 --------- d-----w C:\Program Files\SUPERAntiSpyware 2008-01-27 00:30 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\SUPERAntiSpyware.com 2008-01-27 00:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-01-27 00:29 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-01-26 12:00 --------- d-----w C:\Program Files\Viewpoint 2008-01-26 12:00 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\acccore 2008-01-26 12:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint 2008-01-26 11:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL OCP 2008-01-26 11:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL 2008-01-26 00:11 --------- d-----w C:\Program Files\Apple Software Update 2008-01-26 00:10 --------- d-----w C:\Program Files\Common Files\Apple 2008-01-26 00:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-01-23 07:23 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\Move Networks 2008-01-10 09:26 --------- d-----w C:\Program Files\RapidTyping 2008-01-09 22:16 --------- d-----w C:\Program Files\Google 2007-12-29 02:47 --------- d-----w C:\Documents and Settings\Owner.Cameron\Application Data\LearnLift 2007-12-07 00:44 666,112 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-01-25 10:11 1462272] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24 32768] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 15:47 98394] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 15:47 688218] "Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" [ ] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-12-24 01:54 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-12-24 01:54 118784] "MsgCenterExe"="C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" [ ] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19 52840] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 17:30 517768] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2006-06-20 08:22:35 2168360] Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe [2007-01-08 17:01:03 114688] Directrec Configuration Tool.lnk - C:\Program Files\Olympus\DSSPlayer\DirectrecConfig.exe [2007-01-08 17:00:58 122880] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"= "C:\\Program Files\\iTunes\\iTunes.exe"= R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 13:38] *Newly Created Service* - COMHOST . Contents of the 'Scheduled Tasks' folder "2007-03-08 16:36:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2006-06-20 03:08:53 C:\WINDOWS\Tasks\ISP signup reminder 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2008-02-23 04:01:32 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Owner.job" - C:\PROGRA~1\NORTON~2\NORTON~1\Navw32.exeh/TASK: . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-28 14:06:09 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-02-28 14:07:24 ComboFix-quarantined-files.txt 2008-02-28 22:07:03 . 2008-02-14 01:44:58 --- E O F --- Share this post Link to post Share on other sites
PAZ Posted March 4, 2008 I don't know if this is any help, or even if it will work for you, but I also got the blue screen following a reboot after scanning and deleting a huge amount of malware (a badly infected machine - not mine!!) I rebooted again and the machine went into a reboot cycle so I managed to get it into safe mode, logged in as Aministrator then ran the scan again. More malware was found and deleted. The machine then rebooted fine into normal XP. The first scan was done in a normal boot while a whole load of malware pop-ups were going on - it was impossible to close them all before another popped up. I have a feeling that the problem was caused by this fact and that SAS couldn't delete everything, as it was active, and ended up half doing the job. Booting into safe mode made sure it could clean up properly - that's my assumption anyway. I may be totally off beam here but I think I'll run future scans - certainly on badly infected machines - in safe mode to start with. Share this post Link to post Share on other sites