ComboFix 08-03-14.4 - Compaq_Owner 2008-03-16 14:51:36.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.557 [GMT -4:00]
Running from: C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\AGSYCPIL\ComboFix[1].exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Program Files\seekmo
C:\Program Files\seekmo\seekmohook.dll
C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\default.htm
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\cup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\customer_cup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\heart.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\menu_down.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\menu_up.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\plates.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\ticket.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\tray.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_diner.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_rollover_1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\choosedifficulty.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\credits.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\flo_lose.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\flo_win.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\help1.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\help2.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\highscores.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelintro.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelintro_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelover.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelover_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\popup.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\popup_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\upgradegrid.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\upgradetitle.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\upsell.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowleft_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowleft_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowright_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowright_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\back_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\back_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backchalk.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backchalkup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backtomenu_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backtomenu_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\cancel.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\cancelup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\career.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\career_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\close.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\closeup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\continue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\continueover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\credits_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\credits_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\download_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\download_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\easy.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\easy_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\endlessshift.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\endlessshift_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\hard.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\hard_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\help.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\help_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\highscores.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\highscores_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\instructions_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\instructions_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\letsplay.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\letsplayover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\medium.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\medium_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\moreinfo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\moreinfoup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\off.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\off_on.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\on.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\on_on.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\pause.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\pauseover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quit.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quitgame.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quitgameover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quitover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\resumegame.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\resumegameover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\submit.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\submitup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\tryagain.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\tryagainover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\upgrade_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\upgrade_up.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewglobal.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewglobalup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewhighscore.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewhighscoreon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewlocal.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewlocalup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\comics\webcomic.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\career.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\customer.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\endless.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\global.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\powerups.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cook\cook.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cook\cook.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cook\stove.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\arrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\click.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\click2.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\grab.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\open.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\blue\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\blue\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\blue\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\green\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\green\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\green\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\purple\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\purple\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\purple\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\red\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\red\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\red\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\yellow\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\yellow\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\yellow\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\blue\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\blue\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\blue\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\green\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\green\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\green\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\purple\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\purple\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\purple\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\red\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\red\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\red\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\yellow\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\yellow\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\yellow\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\idle.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\idle.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\lower.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\lower.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\upper.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\upper.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\fonts\arial.mvec
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\fonts\komikaaxis.mvec
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\chair.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\chair.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dirt2top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dirt4top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dishcart.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dishcart.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\drinkstation_off.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\drinkstation_on1.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\drinkstation_on2.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\ticketstation.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\ticketstation.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowdown.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowdownon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowleft.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowlefton.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowright.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowrighton.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowupon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\p1icon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\textedit.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\title.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1_a.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1_b.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1_c.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_a.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_b.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_c.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_d.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_a.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_b.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_c.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_d.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\fifth_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\first_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\fourth_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\second_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\playfirst_logo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\background.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food1.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food1.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food2.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food2.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food3.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food3.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\frames\upgrade_0001.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\2top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\2top.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\4top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\4top.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\upgrades.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\tableshadow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\choosedifficulty.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\chooseplayer.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\chooserestaurant.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\credits.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\game.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\gothighscore.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\help.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\help2.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\hiscore.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\levelintro.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\levelover.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\loading.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\mainloop.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\mainmenu.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\ok.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\pause.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\style.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\tutorialintro.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\upgrade.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\upsell.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\webcomic.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\yesno.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\splash\aol_logo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\splash\gamelabsplash.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\splash\playfirst_logo.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\strings.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\angersmoke.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\angersmoke.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\chairflags.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\chairflags.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\check.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\checkmark.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\clock.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\closed.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\closingtime.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\coinflip.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\coinflip.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\dollar.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\doodles\coffee.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\doodles\tables.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\doodles\wallpaper.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\expert.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\expertscore.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\foodpoof.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\foodpoof.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\fork_timer.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\goalcompleted.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\heartgrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\heartgrow.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\jar.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\jar.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\level.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\level_career.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\score.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\sound.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\staroff.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\staron.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tablenumber.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tablenumberup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\traynumber.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tutorial_character.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tutorialarrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tutorialbox.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgradeanim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgradeanim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\drinks.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\maitred.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\oven.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\select.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\shoes.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\stereo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\table.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.89\dinerdash.exe
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\saiemod.dll
C:\WINDOWS\salm.exe
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\000090.exe
C:\WINDOWS\system32\msixu.dll
C:\WINDOWS\system32\wer8274.dll
C:\WINDOWS\TEMP\salm.exe
C:\WINDOWS\updatetc.exe
C:\WINDOWS\voiceip.dll
----- BITS: Possible infected sites -----
hxxp://80.93.48.74
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_SFSYNC02
-------\sfsync02
((((((((((((((((((((((((( Files Created from 2008-02-16 to 2008-03-16 )))))))))))))))))))))))))))))))
.
2008-03-16 14:49 . 2008-03-16 14:49 <DIR> d-------- C:\Program Files\zango
2008-03-16 14:47 . 2008-03-16 14:47 <DIR> d-------- C:\WINDOWS\FLEOK
2008-03-16 14:47 . 2008-03-16 14:47 <DIR> d-------- C:\Program Files\180searchassistant
2008-03-16 14:47 . 2008-03-16 14:47 9,984 --a------ C:\WINDOWS\didduid.ini
2008-03-16 12:39 . 2008-03-16 13:14 <DIR> d-------- C:\Program Files\180search assistant
2008-03-16 12:07 . 2008-03-16 12:07 <DIR> d-------- C:\Program Files\stc
2008-03-16 12:06 . 2008-03-16 12:06 <DIR> d-------- C:\Program Files\Sysmnt
2008-03-16 11:54 . 2008-03-16 14:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Rabio
2008-03-16 11:52 . 2008-03-16 11:55 <DIR> d-------- C:\Program Files\Bat
2008-03-16 11:51 . 2008-03-16 11:51 90,544 --a------ C:\WINDOWS\system32\mgmrwmrv.exe
2008-03-16 11:51 . 2008-03-16 11:51 4 --a------ C:\WINDOWS\system32\winfrun32.bin
2008-03-08 19:16 . 2008-03-08 19:17 <DIR> d-------- C:\Program Files\Macrogaming
2008-02-24 16:59 . 2008-02-24 16:59 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Fuzzy Games
2008-02-24 09:32 . 2008-02-24 09:32 278,793 --a------ C:\WINDOWS\system32\L43D1.tmp
2008-02-24 09:32 . 2008-02-24 09:32 401 --a------ C:\WINDOWS\system32\L5342.tmp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 18:55 8,448 ----a-w C:\WINDOWS\180ax.exe
2008-03-16 18:55 32,512 ----a-w C:\WINDOWS\swin32.dll
2008-03-16 18:55 26,368 ----a-w C:\WINDOWS\cdsm32.dll
2008-03-16 18:55 25,344 ----a-w C:\WINDOWS\salm.exe
2008-03-16 18:55 17,408 ----a-w C:\WINDOWS\bokja.exe
2008-03-16 18:55 17,152 ----a-w C:\WINDOWS\voiceip.dll
2008-03-16 18:55 14,336 ----a-w C:\WINDOWS\updatetc.exe
2008-03-16 18:55 13,312 ----a-w C:\WINDOWS\stcloader.exe
2008-03-16 18:55 13,312 ----a-w C:\WINDOWS\saiemod.dll
2008-03-16 18:55 12,288 ----a-w C:\WINDOWS\mspphe.dll
2008-03-16 18:55 11,008 ----a-w C:\WINDOWS\bjam.dll
2008-03-16 18:50 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-16 18:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-15 21:41 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-06 01:48 --------- d-----w C:\Program Files\MSN Games
2008-03-02 00:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Oberon Games
2008-02-25 21:25 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\iWin
2008-02-24 03:11 --------- d-----w C:\Program Files\AIM6
2008-02-24 03:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-02-24 03:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-24 03:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-02-23 02:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\HipSoft
2008-02-23 00:13 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Wildfire
2008-02-09 17:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Go Go Gourmet
2008-02-09 00:43 --------- d-----w C:\Program Files\Hidden Expedition Titanic
2008-02-07 13:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-07 12:52 --------- d-----w C:\Program Files\EA GAMES
2008-02-07 12:48 --------- d-----w C:\Program Files\Nick Arcade
2008-02-07 12:11 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-01 15:12 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\PlayFirst
2008-02-01 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-01-28 23:18 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Oberon Games
2008-01-20 00:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kodak
2008-01-20 00:11 --------- d-----w C:\Program Files\KODAK
2008-01-20 00:10 --------- d-----w C:\Program Files\Common Files\KODAK
2008-01-18 02:00 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Super-Cow
2008-01-17 17:53 --------- d-----w C:\Program Files\Mystery Case Files - Prime Suspects
2007-03-04 19:39 75,191,600 ----a-w C:\Program Files\MCF_Ravenhearst-setup.exe
2005-03-23 03:37 10,311 ----a-w C:\Program Files\uninstal.log
2002-09-11 14:26 63,730 ----a-w C:\Program Files\viewsonicinstruct_xp.pdf
2001-09-20 05:01 3,619,770 ----a-w C:\Program Files\BFR-IT.exe
2001-09-20 04:35 6,598 ----a-w C:\Program Files\readme.txt
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{63F7460B-C831-4142-A4AA-5EC303EC4343}]
2008-03-07 21:15 413696 --a------ C:\Program Files\Bat\Bat.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15:00 15360]
"Yahoo! Pager"="~C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [ ]
"MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ]
"BellesBeautyBoutiqueSetup.exe"="C:\DOWNLO~1\BELLES~1.exe" [ ]
"Aim6"="~C:\Program Files\AIM6\aim6.exe" [ ]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 10:59 224248]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 21:15 103712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 19:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 23:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 23:43 233472]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-11-02 09:03 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-11-02 08:59 126976]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 88209 C:\WINDOWS\AGRSMMSG.exe]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 23:13 98304]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 14:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"zzzHPSETUP"="D:\Setup.exe" [ ]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"CmUsbSound"="cmcnfgu.cpl" []
"C-Media Mixer"="Mixer.exe" [2002-01-28 04:16 1228800 C:\WINDOWS\mixer.exe]
"PLNRNote"="C:\Program Files\SierraHome\Hallmark Card Studio Special Edition\Planner\PLNRNote.exe" [2004-11-23 08:24 30720]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 22:59 115816]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-09-05 22:22 26248]
"NapsterShell"="C:\Program Files\Napster\napster.exe" [ ]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 10:59 224248]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-11-28 20:51 583048]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 21:15 103712]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-01 00:04:27 113664]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe [2004-08-09 04:59:58 16423]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 02:06:58 28672]
officejet 6100.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2003-04-06 01:37:38 147456]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Compaq Connections\\6750491\\Program\\Compaq Connections.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Red Storm Entertainment\\RavenShield\\system\\RavenShield.exe"=
"C:\\Program Files\\ubi.com\\Core\\GS4.exe"=
"C:\\WINDOWS\\system32\\java.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
S3 cmudau;C-Media USB Sound Interface;C:\WINDOWS\system32\drivers\cmudau.sys [2004-08-18 03:26]
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-03-15 00:00:00 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Compaq_Owner.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK:
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 14:59:00
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
.
**************************************************************************
.
Completion time: 2008-03-16 15:11:02 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-16 19:10:58
.
2008-03-12 07:02:07 --- E O F ---
hijack this log;
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:19:10 PM, on 3/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\SierraHome\Hallmark Card Studio Special Edition\Planner\PLNRNote.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://armstrongmywire.com/news/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: BatBHO - {63F7460B-C831-4142-A4AA-5EC303EC4343} - C:\Program Files\Bat\Bat.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe \RESET
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PLNRNote] "C:\Program Files\SierraHome\Hallmark Card Studio Special Edition\Planner\PLNRNote.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BellesBeautyBoutiqueSetup.exe] C:\DOWNLO~1\BELLES~1.EXE /r
O4 - HKCU\..\Run: [Aim6] ~"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - S-1-5-18 Startup: Bat - Auto Update.lnk = C:\Program Files\Bat\Bat.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Bat -
Edited by Gonenutz, 16 March 2008 - 01:33 PM.