Jump to content

Thexasoul

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I get this error still when trying to update Malware bytes: MbAM_ERROR_UPDATING (12029, 0, WinHttpSendRequest) JavaRa 1.15 Removal Log. The JavaRa removal process was started on Mon May 17 23:31:30 2010 Found and removed: C:\Program Files\Java\j2re1.4.2_03 Found and removed: C:\Program Files\Java\jre1.5.0_06 Found and removed: C:\Program Files\Java\jre1.5.0_09 Found and removed: C:\Program Files\Java\jre1.5.0_10 Found and removed: C:\Program Files\Java\jre1.6.0 Found and removed: C:\Program Files\Java\jre1.6.0_01 Found and removed: C:\Program Files\Java\jre1.6.0_02 Found and removed: C:\Program Files\Java\jre1.6.0_03 Found and removed: C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\jre1.6.0_13 Found and removed: SOFTWARE\Classes\JavaPlugin.142_03 JavaRa 1.15 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Mon May 17 23:32:13 2010 Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4052 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 5/17/2010 11:48:28 PM mbam-log-2010-05-17 (23-48-28).txt Scan type: Quick scan Objects scanned: 130319 Time elapsed: 10 minute(s), 0 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) DDS (Ver_10-03-17.01) - NTFSx86 Run by HP_Owner at 23:51:28.15 on Mon 05/17/2010 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.142 [GMT -5:00] FW: Norton Personal Firewall *enabled* {825036E0-9F94-4752-8789-8B92454AF49B} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe c:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\lxdqcoms.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\Common Files\Symantec Shared\NMAIN.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\HP_Owner\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop uInternet Settings,ProxyOverride = *.local BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton antivirus\NavShExt.dll BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers client\YontooIEClient.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton antivirus\NavShExt.dll TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe" uRun: [search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe mRun: [HPHmon06] c:\windows\system32\hphmon06.exe mRun: [KBD] c:\hp\kbd\KBD.EXE mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [PS2] c:\windows\system32\ps2.exe mRun: [AlcxMonitor] ALCXMNTR.EXE mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe" mRun: [lxdqamon] "c:\program files\lexmark z2400 series\lxdqamon.exe" mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\minima~1.lnk - c:\program files\broderbund\mavis beacon teaches typing 12 standard\MiniMavis.exe IE: Add To HP Organize... - c:\progra~1\hewlet~1\hporga~1\bin\core.hp.main\SendTo.html IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: {BE5D41CD-F293-49A3-AE83-D6E457EE854F} = 192.168.1.1 Notify: igfxcui - igfxsrvc.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\czpymh0y.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p= FF - plugin: c:\documents and settings\hp_owner\local settings\application data\yahoo!\browserplus\2.6.0\plugins\npybrowserplus_2.6.0.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R1 SAVRT;SAVRT;c:\program files\norton antivirus\savrt.sys [2003-11-7 308416] R1 SAVRTPEL;SAVRTPEL;c:\program files\norton antivirus\Savrtpel.sys [2003-11-7 37056] R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?] R2 navapsvc;Norton AntiVirus Auto Protect Service;c:\program files\norton antivirus\navapsvc.exe [2004-6-4 174208] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008] R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20040625.019\NAVENG.Sys [2004-8-8 68168] R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20040625.019\NavEx15.Sys [2004-8-8 600264] S2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\ccProxy.exe [2003-12-9 218232] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-5 135664] S4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2003-12-9 255096] S4 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2003-12-9 87160] S4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2003-12-9 234616] S4 SAVScan;SAVScan;c:\program files\norton antivirus\SAVScan.exe [2003-11-7 193816] =============== Created Last 30 ================ 2010-05-16 23:33:08 77312 ----a-w- c:\windows\MBR.exe 2010-05-16 23:33:07 98816 ----a-w- c:\windows\sed.exe 2010-05-16 23:33:07 256512 ----a-w- c:\windows\PEV.exe 2010-05-16 23:33:07 161792 ----a-w- c:\windows\SWREG.exe 2010-05-14 00:44:01 0 ----a-w- c:\documents and settings\hp_owner\defogger_reenable 2010-05-14 00:41:22 0 d-----w- c:\program files\Trend Micro 2010-05-14 00:15:09 0 d-----w- c:\docume~1\hp_owner\applic~1\Malwarebytes 2010-05-14 00:15:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-14 00:15:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-14 00:15:00 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-14 00:15:00 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes ==================== Find3M ==================== 2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-17 14:10:28 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe 2005-09-25 02:46:56 774144 ----a-w- c:\program files\RngInterstitial.dll 2009-08-04 13:13:39 0 --sha-w- c:\windows\sminst\HPCD.sys 2009-06-29 01:35:12 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat 2009-06-29 01:35:12 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009062820090629\index.dat ============= FINISH: 23:52:20.18 ===============
  2. Same as before: The Windows Installer service could not be accessed this can occur if you are running windows in safe mode, or if the windows installer program is not installed correctly.
  3. Deleted the McAfee folder, and the error still pops up when I try to uninstall Java.
  4. ComboFix 10-05-16.01 - HP_Owner 05/16/2010 18:36:26.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.196 [GMT -5:00] Running from: c:\documents and settings\HP_Owner\Desktop\Combo-Fix.exe FW: Norton Personal Firewall *enabled* {825036E0-9F94-4752-8789-8B92454AF49B} * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\11.tmp C:\13.tmp C:\15.tmp C:\17.tmp C:\3.tmp C:\5.tmp C:\6.tmp C:\7.tmp c:\program files\NavExcel c:\program files\NavExcel\NavHelper\v2.0.4d\NHelper.dll c:\program files\NavExcel\NavHelper\v2.0.4d\NHelper.htm c:\program files\NavExcel\NavHelper\v2.0.4d\v2.0.4d.cab c:\windows\Downloaded Program Files\DinerDash.1.0.0.72 c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\cup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\customer_cup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\heart.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\menu_down.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\menu_up.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\plates.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\ticket.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\tray.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\music\mainmenumusic.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_bring_check_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_food_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_order_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_diner.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_food_ready_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_gain_heart_1.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_get_drinks_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_party_arrive_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pencil_write_2.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pickup_food_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_rollover_1.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_seat_people_snd.ogg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\choosedifficulty.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\credits.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\flo_lose.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\flo_win.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\help1.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\help2.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\highscores.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelintro.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelintro_mask.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelover.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelover_mask.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\mainmenu.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\popup.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\popup_mask.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\upgradegrid.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\upgradetitle.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\upsell.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowleft_blue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowleft_yellow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowright_blue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowright_yellow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\back_blue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\back_yellow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backchalk.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backchalkup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backtomenu_blue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backtomenu_yellow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\cancel.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\cancelup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\career.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\career_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\close.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\closeup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\continue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\continueover.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\credits_blue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\credits_yellow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\download_blue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\download_yellow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\easy.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\easy_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\endlessshift.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\endlessshift_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\hard.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\hard_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\help.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\help_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\highscores.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\highscores_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\instructions_blue.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\instructions_yellow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\letsplay.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\letsplayover.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\medium.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\medium_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\moreinfo.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\moreinfoup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\off.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\off_on.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\on.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\on_on.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\pause.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\pauseover.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quit.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quitgame.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quitgameover.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quitover.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\resumegame.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\resumegameover.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\submit.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\submitup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\tryagain.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\tryagainover.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\upgrade_over.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\upgrade_up.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewglobal.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewglobalup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewhighscore.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewhighscoreon.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewlocal.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewlocalup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\comics\webcomic.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\career.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\customer.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\endless.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\global.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\powerups.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cook\cook.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cook\cook.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cook\stove.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\arrow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\click.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\click2.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\grab.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\open.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\blue\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\green\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\purple\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\red\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\yellow\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\blue\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\green\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\purple\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\red\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\yellow\sit_legs.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\idle.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\idle.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\lower.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\lower.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\upper.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\upper.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\fonts\arial.mvec c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\fonts\komikaaxis.mvec c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\chair.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\chair.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dirt2top.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dirt4top.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dishcart.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dishcart.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\drinkstation_off.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\drinkstation_on1.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\drinkstation_on2.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\ticketstation.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\ticketstation.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowdown.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowdownon.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowleft.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowlefton.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowright.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowrighton.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowupon.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\p1icon.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\textedit.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\title.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1_a.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1_b.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1_c.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_a.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_b.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_c.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_d.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_a.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_b.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_c.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_d.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\fifth_level_diner.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\first_level_diner.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\fourth_level_diner.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\second_level_diner.txt c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\playfirst_logo.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\background.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\frames\upgrade_0001.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\upgrades.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\tableshadow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\choosedifficulty.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\chooseplayer.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\chooserestaurant.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\credits.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\game.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\gothighscore.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\help.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\help2.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\hiscore.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\hiscoreinfo.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\hiscoresubmit.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\levelintro.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\levelover.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\loading.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\mainloop.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\mainmenu.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\ok.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\pause.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\style.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\tutorialintro.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\upgrade.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\upsell.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\webcomic.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\yesno.lua c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\splash\aol_logo.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\splash\gamelabsplash.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\splash\playfirst_logo.jpg c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\strings.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\angersmoke.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\angersmoke.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\chairflags.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\chairflags.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\check.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\checkmark.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\clock.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\closed.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\closingtime.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\coinflip.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\coinflip.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\dollar.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\doodles\coffee.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\doodles\tables.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\doodles\wallpaper.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\expert.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\expertscore.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\foodpoof.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\foodpoof.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\fork_timer.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\goalcompleted.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\heartgrow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\heartgrow.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\jar.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\jar.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\level.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\level_career.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\score.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\sound.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\staroff.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\staron.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tablenumber.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tablenumberup.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\traynumber.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tutorial_character.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tutorialarrow.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tutorialbox.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgradeanim.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgradeanim.xml c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\drinks.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\maitred.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\oven.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\select.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\shoes.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\stereo.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\table.png c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\dinerdash.exe c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48 c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\dirty_dishes.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\foodtray.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\heart1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\heart2.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\heart3.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\menu_down.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\menu_up.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\mop_prop.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\ticket.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a1.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a2.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a3.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a4.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\mainmenumusic.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\baby_cry.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\chef_cook1.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\closing_time.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\customer_ditch.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_down.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_up.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\drink_table.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\expert.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_deliver.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_pickup.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\keystroke2.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\level_lose.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\level_win.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\menu_click.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\menu_rollover.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\mop_pickup.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\mop_spill.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_bring_check_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_deliver_food_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dropoff_drinks_1.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_food_ready_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_gain_heart_1.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_get_drinks_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_menu_down.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_party_arrive_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pencil_write_2.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pickup_food_1_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_seat_people_snd.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\spill.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\table_drink.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\tip_2.ogg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\flo_lose.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\flo_win.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\fullscreendialog.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\high_score_menu_bg.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\levelover.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu_logo.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\popup.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\popup.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\textfield.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\upgrade_lines.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowdown_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowdown_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowdown_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowup_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowup_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowup_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\decor_highlight.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\decor_normal.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\decor_selected.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_2.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_3.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_2.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_3.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a2.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a3.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\left_arrow_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\left_arrow_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\left_arrow_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_mask.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_mask.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\map_button_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\map_button_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\map_button_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\right_arrow_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\right_arrow_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\right_arrow_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\upgrade_down.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\upgrade_over.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\upgrade_up.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\welcome_player.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\actionpoints.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\career.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\customer.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\endless.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\global.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\powerups.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cook\stove.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\arrow.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\click.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\click2.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\grab.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\open.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\blue.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\blue_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\legs.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\red.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\red_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\blue.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\blue_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\legs.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\red.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\red_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\blue.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_baby.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\legs.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\red.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\red_baby.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\red_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\anim.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\anim.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\blue.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\blue_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\legs.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\red.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\red_legs.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\idle.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\idle.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\lower.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\lower.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\upper.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\upper.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\fonts\mercurius.mvec c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\bench.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\bench.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\blue_highchairbaby.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\chair.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\chair.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dirt2top.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dirt4top.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dishcart.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dishcart.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\green_highchairbaby.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\mop_station_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\mop_station_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\mop_station_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\podium.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\podium_heart.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\podium_heart.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\purple_highchairbaby.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\radio.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\red_highchairbaby.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\spill.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\spill.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\stereo.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\ticketstation.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\ticketstation.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\yellow_highchairbaby.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\family.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help_dividerline.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_colormatch1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_colormatch2.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_noise.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_score.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_cleardishes.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_givecheck.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_pickupfood.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_servefood.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_takeorder.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\hiscore\local-hs-bb.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\hiscore\p1icon.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_1.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_2.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_3.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_4.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_5.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_6.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_a.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_b.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_c.bin c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\playfirstlogo.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\background.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\blue.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\grey.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\red.pal c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\cup1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_0.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\props\cup_prop1.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrades.xml c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\tableshadow.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\careerupgrade.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\choosedifficulty.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\closeconfirm.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\entername.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\game.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\getmoregames.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\help1.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\help2.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\hiscore.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\hiscoreinfo.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\hiscoresubmit.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\levelintro.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\levelover.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\loading.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\mainloop.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\mainmenu.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\ok.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\pause.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\style.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\upgrade.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\upsell.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\yesno.lua c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\splash\aol_logo.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\splash\playfirst_logo.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\strings.xml c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\angersmoke.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\angersmoke.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\bubbles\request_bubble.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\bubbles\request_mop.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\bubbles\request_rejectmeal.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\chairflags.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\chairflags.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\check.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\checkmark.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\closed.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\coinflip.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\coinflip.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\decor_lines.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\dollar.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\expert.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\foodpoof.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\foodpoof.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\heartgrow.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\heartgrow.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\jar.anm c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\jar.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\lives_icon.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\noisering.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_d.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_e.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_f.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tablenumber_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tablenumber_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\traynumber.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tutorialarrow.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tutorialbox.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_base.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_hand.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_timer_off.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_timer_on.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgradeanim.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_a.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_b.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_c.png c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd1.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd2.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd3.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd4.jpg c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\dinerdash2.exe c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf c:\windows\Downloaded Program Files\popcaploader.dll c:\windows\Downloaded Program Files\popcaploader.inf c:\windows\GatorHDPlugin.log c:\windows\NDNuninstall6_38-1.exe c:\windows\NDNuninstall6_38-2.exe c:\windows\NDNuninstall6_38.exe c:\windows\NDNuninstall6_90.exe c:\windows\NDNuninstall6_98.exe c:\windows\NDNuninstall7_14.exe c:\windows\NDNuninstall7_22.exe c:\windows\NDNuninstall7_48.exe D:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2010-04-16 to 2010-05-16 ))))))))))))))))))))))))))))))) . 2010-05-15 20:12 . 2010-05-15 20:12 862872 ----a-w- c:\documents and settings\HP_Owner\Application Data\Yahoo!\SearchProtection\fudogs_2.0.1.13_msgr_bts_setup.2010.04.01.01.exe 2010-05-14 00:41 . 2010-05-14 00:41 -------- d-----w- c:\program files\Trend Micro 2010-05-14 00:15 . 2010-05-14 00:15 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Malwarebytes 2010-05-14 00:15 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-14 00:15 . 2010-05-14 00:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-14 00:15 . 2010-05-14 00:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-14 00:15 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-27 17:03 . 2010-04-27 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-15 19:42 . 2004-08-08 14:56 -------- d-----w- c:\program files\Norton AntiVirus 2010-05-12 23:46 . 2007-07-22 02:31 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-05-12 21:02 . 2009-10-04 07:36 1 ----a-w- c:\documents and settings\HP_Owner\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-04-29 17:56 . 2004-08-08 14:56 -------- d-----w- c:\program files\Common Files\Symantec Shared 2010-04-28 02:11 . 2009-11-10 03:22 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-04-13 01:05 . 2007-09-18 13:42 -------- d-----w- c:\program files\Google 2010-04-08 23:02 . 2010-04-08 23:02 -------- d-----w- c:\program files\Yontoo Layers Client 2010-04-08 23:02 . 2010-04-08 23:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer 2010-04-08 00:05 . 2010-03-11 15:56 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Ubisoft 2010-04-05 22:42 . 2010-04-08 23:02 108544 --s-a-r- c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll 2010-04-05 22:40 . 2010-04-08 23:02 180224 --s-a-r- c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll 2010-03-24 16:03 . 2010-03-24 16:03 -------- d-----w- c:\program files\KingsIsle Entertainment 2010-03-24 16:03 . 2004-08-07 21:08 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-03-20 22:45 . 2010-03-11 01:01 -------- d-----w- c:\program files\Brain Challenge 2010-03-10 06:15 . 2004-08-07 18:47 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-01 21:54 . 2010-03-01 21:54 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-02-25 23:57 . 2010-04-08 23:02 226304 --s---r- c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe 2010-02-25 06:24 . 2004-08-07 18:47 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2004-08-07 18:47 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-17 14:10 . 2004-08-07 18:47 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25 . 2004-08-04 05:59 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2005-09-25 02:46 . 2005-09-25 02:47 774144 ----a-w- c:\program files\RngInterstitial.dll 2009-08-04 13:13 . 2009-08-04 13:13 0 --sha-w- c:\windows\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] 2010-04-05 22:42 194912 ------w- c:\program files\Yontoo Layers Client\YontooIEClient.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144] "Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784] "HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-08 49152] "HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-08 659456] "KBD"="c:\hp\KBD\KBD.EXE" [2003-02-12 61440] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-08-07 180269] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-15 233472] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2003-12-09 70776] "AGRSMMSG"="AGRSMMSG.exe" [2004-06-30 88363] "PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920] "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648] "lxdqmon.exe"="c:\program files\Lexmark Z2400 Series\lxdqmon.exe" [2008-03-27 656040] "lxdqamon"="c:\program files\Lexmark Z2400 Series\lxdqamon.exe" [2008-03-27 16040] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-04 149280] "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] c:\documents and settings\All Users\Start Menu\Programs\Startup\ MiniMavis.lnk - c:\program files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe [2005-8-23 2392064] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk backup=c:\windows\pss\Kodak software updater.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk backup=c:\windows\pss\Quicken Scheduled Updates.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk backup=c:\windows\pss\Updates from HP.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^HP_Owner^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk] path=c:\documents and settings\HP_Owner\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 20:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-02-16 00:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2009-11-10 21:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Schedule"=2 (0x2) "SCardSvr"=3 (0x3) "SAVScan"=3 (0x3) "RSVP"=3 (0x3) "RasMan"=3 (0x3) "ose"=3 (0x3) "NtmsSvc"=3 (0x3) "NtLmSsp"=3 (0x3) "napagent"=3 (0x3) "MSIServer"=3 (0x3) "MSDTC"=3 (0x3) "McComponentHostService"=3 (0x3) "iPod Service"=3 (0x3) "idsvc"=3 (0x3) "HTTPFilter"=3 (0x3) "FontCache3.0.0.0"=3 (0x3) "Fax"=3 (0x3) "EapHost"=3 (0x3) "Dot3svc"=3 (0x3) "dmserver"=3 (0x3) "dmadmin"=3 (0x3) "CryptSvc"=2 (0x2) "COMSysApp"=3 (0x3) "clr_optimization_v2.0.50727_32"=3 (0x3) "CiSvc"=3 (0x3) "ccSetMgr"=2 (0x2) "ccPwdSvc"=3 (0x3) "ccEvtMgr"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\lxdqcoms.exe"= "c:\\Program Files\\Lexmark Z2400 Series\\lxdqmon.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdqpswx.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdqjswx.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [11/13/2009 6:31 AM 92008] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/5/2009 6:42 PM 135664] --- Other Services/Drivers In Memory --- *NewlyCreated* - APPMGMT . Contents of the 'Scheduled Tasks' folder 2010-04-19 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34] 2010-04-30 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 19:54] 2010-04-29 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-18 06:07] 2010-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-05 23:41] 2010-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-05 23:41] 2010-04-24 c:\windows\Tasks\Norton AntiVirus - Scan my computer - HP_Owner.job - c:\progra~1\NORTON~1\Navw32.exe [2004-06-05 00:47] 2010-04-29 c:\windows\Tasks\Norton Security Scan for HP_Owner.job - c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2009-12-14 17:50] 2009-10-26 c:\windows\Tasks\Symantec NetDetect.job - c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-08 08:38] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop uInternet Settings,ProxyOverride = *.local IE: Add To HP Organize... - c:\progra~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 TCP: {BE5D41CD-F293-49A3-AE83-D6E457EE854F} = 192.168.1.1 FF - ProfilePath - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\czpymh0y.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p= FF - plugin: c:\documents and settings\HP_Owner\Local Settings\Application Data\Yahoo!\BrowserPlus\2.6.0\Plugins\npybrowserplus_2.6.0.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); . - - - - ORPHANS REMOVED - - - - HKCU-Run-cdloader - c:\documents and settings\HP_Owner\Application Data\mjusbsp\cdloader2.exe HKLM-Run-VTTimer - VTTimer.exe AddRemove-NVIDIA GART Driver - c:\windows\system32\nvugart.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-16 18:52 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2010-05-16 18:59:39 ComboFix-quarantined-files.txt 2010-05-16 23:59 Pre-Run: 87,619,112,960 bytes free Post-Run: 88,651,038,720 bytes free - - End Of File - - B1BFE2AE32B560FE95BCBB75DA467991
  5. I'm not in Safe mode either. I made sure of that.
  6. Also, I cannot update the Malware bytes software because of whatever is effecting everything else to not be able to update.
  7. I unistalled Mcafee although both Norton and Mcafee are expired and I had planned on using AVG Free but it wouldn't update. Whenever I go to uninstall something using Add/Remove programs I get this error: The Windows Installer service could not be accessed this can occur if you are running windows in safe mode, or if the windows installer program is not installed correctly. Like I said before, this isn't my computer, and as far as I can tell, it has a lot of unnecessary things running and random crap that just shouldn't be here.
  8. I had a similar problem with my own computer around a year ago, so when my friends computer did the same thing I figured I'd come back here like before for help. Her's isn't as bad as mine, she can't update any virus programs and she can't login to any social networking site such as facebook and twitter. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4052 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 5/13/2010 7:33:17 PM mbam-log-2010-05-13 (19-33-17).txt Scan type: Quick scan Objects scanned: 135868 Time elapsed: 15 minute(s), 46 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 34 Files Infected: 80 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135 (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken. C:\Program Files\Hotbar (Adware.Hotbar) -> No action taken. C:\Program Files\iWon (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonBar (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonBar\History (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonBar\Settings (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\1.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache (Adware.iWon) -> No action taken. C:\Program Files\MyGlobalSearch (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyGlobalSearch\bar (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyGlobalSearch\bar\History (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyGlobalSearch\bar\Settings (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken. C:\Program Files\NewDotNet (Adware.NewDotNet) -> No action taken. C:\Program Files\Screensavers.com (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Installer (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Installer\bin (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Installer\Ready (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Installer\temp (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Installer\Upload (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Wallpaper (Adware.Comet) -> No action taken. C:\Program Files\webHancer (Adware.WebHancer) -> No action taken. C:\Program Files\webHancer\Programs (Adware.WebHancer) -> No action taken. C:\Program Files\whInstall (Adware.WebHancer) -> No action taken. Files Infected: C:\Program Files\FunWebProducts\PopSwatr\History\allowed (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\00E1B501.urr (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\00E3AEFC.urr (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\00E3C999.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\00E5C171.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\080F6DF9.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\081000E3.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0810A2A1.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0812059C.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A58D467.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A596A3E.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A5A9AEE.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A5BEF24.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A5E86A7.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A5EEE6A.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A5FE7AE.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A6918E4.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\0A698AB9.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\wrkparam.lst (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\00E3C999.jpg (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\080F6DF9.jpg (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\081000E3.jpg (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\0810A2A1.jpg (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135\0812059C.jpg (Adware.MyWebSearch) -> No action taken. C:\Program Files\FunWebProducts\Shared\0041375F.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\iWon\iWonBar\History\search (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\PM3.ico (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\1.bin\IWONSLOT.DLL (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\1.bin\PM3.ICO (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\1.bin\UNINSTALL.INF (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CEA36 (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CECA7.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CEDD0.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CEF09.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF031.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF14B.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF264.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF36E.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF487.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF5A0.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF6E8.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF811.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CF91B.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CFA34.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CFC28.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CFE4B.bin (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000CFF74.wav (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000D010A.wav (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000D0417.wav (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\000D0511.wav (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\0017A95F (Adware.iWon) -> No action taken. C:\Program Files\iWon\iWonSlot\Cache\files.ini (Adware.iWon) -> No action taken. C:\Program Files\MyGlobalSearch\bar\History\search (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\History\search (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\prevcfg.htm (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\settings.htm (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\settings.htm.bak (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\s_bfeats.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken. C:\Program Files\NewDotNet\readme.html (Adware.NewDotNet) -> No action taken. C:\Program Files\Screensavers.com\Installer\bin\iebyterange.xml (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Installer\bin\iebyterange.xml.backup (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Installer\bin\siuninst.exe (Adware.Comet) -> No action taken. C:\Program Files\Screensavers.com\Wallpaper\swpstart.exe (Adware.Comet) -> No action taken. C:\Program Files\webHancer\Programs\license.txt (Adware.WebHancer) -> No action taken. C:\Program Files\webHancer\Programs\readme.txt (Adware.WebHancer) -> No action taken. C:\Program Files\webHancer\Programs\sporder.dll (Adware.WebHancer) -> No action taken. C:\Program Files\webHancer\Programs\whagent.ini (Adware.WebHancer) -> No action taken. C:\Program Files\whInstall\license.txt (Adware.WebHancer) -> No action taken. C:\Program Files\whInstall\readme.txt (Adware.WebHancer) -> No action taken. C:\Program Files\whInstall\whAgent.ini (Adware.WebHancer) -> No action taken. C:\WINDOWS\Temp\startdrv.exe (Trojan.Downloader) -> No action taken. C:\2.tmp (Trojan.Agent) -> No action taken. C:\4.tmp (Trojan.Agent) -> No action taken. DDS (Ver_10-03-17.01) - NTFSx86 Run by HP_Owner at 19:50:30.18 on Thu 05/13/2010 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.213 [GMT -5:00] AV: Norton AntiVirus *On-access scanning enabled* (Updated) {B5510F6F-87E1-47F7-A411-360BC453007C} FW: Norton Personal Firewall *enabled* {825036E0-9F94-4752-8789-8B92454AF49B} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe c:\Program Files\Common Files\Symantec Shared\ccProxy.exe c:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\lxdqcoms.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\wuauclt.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\system32\hphmon06.exe C:\HP\KBD\KBD.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe C:\Documents and Settings\HP_Owner\Desktop\dds.scr C:\WINDOWS\system32\wuauclt.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop mDefault_Page_URL = hxxp://www.yahoo.com mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop uInternet Settings,ProxyOverride = *.local BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton antivirus\NavShExt.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers client\YontooIEClient.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton antivirus\NavShExt.dll TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe" uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe uRun: [cdloader] "c:\documents and settings\hp_owner\application data\mjusbsp\cdloader2.exe" MAGICJACK uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe mRun: [HPHmon06] c:\windows\system32\hphmon06.exe mRun: [KBD] c:\hp\kbd\KBD.EXE mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE mRun: [VTTimer] VTTimer.exe mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [PS2] c:\windows\system32\ps2.exe mRun: [AlcxMonitor] ALCXMNTR.EXE mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe" mRun: [lxdqamon] "c:\program files\lexmark z2400 series\lxdqamon.exe" mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\minima~1.lnk - c:\program files\broderbund\mavis beacon teaches typing 12 standard\MiniMavis.exe IE: Add To HP Organize... - c:\progra~1\hewlet~1\hporga~1\bin\core.hp.main\SendTo.html IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: {BE5D41CD-F293-49A3-AE83-D6E457EE854F} = 192.168.1.1 Notify: igfxcui - igfxsrvc.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\czpymh0y.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p= FF - plugin: c:\documents and settings\hp_owner\local settings\application data\yahoo!\browserplus\2.6.0\plugins\npybrowserplus_2.6.0.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R?2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\ccProxy.exe [2003-12-9 218232] R1 SAVRT;SAVRT;c:\program files\norton antivirus\savrt.sys [2003-11-7 308416] R1 SAVRTPEL;SAVRTPEL;c:\program files\norton antivirus\Savrtpel.sys [2003-11-7 37056] R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?] R2 navapsvc;Norton AntiVirus Auto Protect Service;c:\program files\norton antivirus\navapsvc.exe [2004-6-4 174208] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008] R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20040625.019\NAVENG.Sys [2004-8-8 68168] R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20040625.019\NavEx15.Sys [2004-8-8 600264] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-5 135664] S4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2003-12-9 255096] S4 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2003-12-9 87160] S4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2003-12-9 234616] S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S4 SAVScan;SAVScan;c:\program files\norton antivirus\SAVScan.exe [2003-11-7 193816] =============== Created Last 30 ================ 2010-05-14 00:44:01 0 ----a-w- c:\documents and settings\hp_owner\defogger_reenable 2010-05-14 00:41:22 0 d-----w- c:\program files\Trend Micro 2010-05-14 00:15:09 0 d-----w- c:\docume~1\hp_owner\applic~1\Malwarebytes 2010-05-14 00:15:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-14 00:15:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-14 00:15:00 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-14 00:15:00 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-04-27 17:03:02 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan 2010-04-27 17:02:48 0 d-----w- c:\program files\McAfee Security Scan ==================== Find3M ==================== 2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-17 14:10:28 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25:04 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2005-09-25 02:46:56 774144 ----a-w- c:\program files\RngInterstitial.dll 2009-08-04 13:13:39 0 --sha-w- c:\windows\sminst\HPCD.sys 2009-06-29 01:35:12 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat 2009-06-29 01:35:12 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009062820090629\index.dat ============= FINISH: 19:51:28.57 =============== I have a Hijack This log also if someone needs it. Attach.zip ark.zip
  9. This solved my connection problems. Something so simple. Thank you very much!
  10. I ran Malwarebytes last night, and after it removed everything and I restarted my computer I was unable to connect to the internet. I'm currently using a friend's laptop to transfer logs and such. The computer is running Vista and I'm connecting through a wireless connection which is working fine since I'm using it for this laptop also. I have Norton 360 installed on the computer and it's up to date and working fine. I've been reading up on this problem and trying to fix it myself before getting help, and i've run a couple programs including the Winsock Fix. When I run LSP Fix I get an error that says "Winsock 2 Registry Key (HKEY_LOCAL_MACHINES\System\CurrentControlSet\Services\Winsock2\Parameters) is missing or could not be accessed." So I'm guessing the problem does have something to do with Winsock. This is the log from when I ran Malwarebytes: Malwarebytes' Anti-Malware 1.40 Database version: 2636 Windows 6.0.6001 Service Pack 1 8/17/2009 11:23:30 PM mbam-log-2009-08-17 (23-23-30).txt Scan type: Quick Scan Objects scanned: 94857 Time elapsed: 4 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 5 Registry Values Infected: 0 Registry Data Items Infected: 12 Folders Infected: 0 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\gamevancetext.linker (Adware.Gamevance) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\gamevancetext.linker.1 (Adware.Gamevance) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\HeroCodecSoft (Trojan.DNSChanger) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\gxvxc (Rootkit.Agent) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3b5407b0-4f14-4f71-a77a-ecbf8f4ce083}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3b5407b0-4f14-4f71-a77a-ecbf8f4ce083}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5aa7b5b5-c565-4d08-9b10-40d80f8b55fe}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3b5407b0-4f14-4f71-a77a-ecbf8f4ce083}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3b5407b0-4f14-4f71-a77a-ecbf8f4ce083}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5aa7b5b5-c565-4d08-9b10-40d80f8b55fe}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3b5407b0-4f14-4f71-a77a-ecbf8f4ce083}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3b5407b0-4f14-4f71-a77a-ecbf8f4ce083}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{5aa7b5b5-c565-4d08-9b10-40d80f8b55fe}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.183,85.255.112.204 -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\Users\Josh\AppData\Local\Temp\caorsmnxwe.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Josh\AppData\Local\Temp\wnarmxcose.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Windows\system\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Windows\System32\gxvxccounter (Trojan.DNSChanger) -> Quarantined and deleted successfully. And the log from HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:58:01 AM, on 8/18/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Razer\Lycosa\razerhid.exe C:\Program Files\Razer\DeathAdder\razerhid.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Users\Josh\Program Files\DNA\btdna.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Razer\DeathAdder\razerofa.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3 O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe" O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WLAN Optimizer] C:\Users\Josh\Desktop\wopt009\WLAN Optimizer\SilentStart.exe 0 O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Josh\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...k.cab102118.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\system32\AstSrv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11527 bytes Thanks for the help in advance!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.