Zedo popups and taskbar/desktop icons disappearing

[powertrip19]

I think they are taking over my computer. I have run Spybot and Kaspersky and the popups have stopped, but now when I access the web I get a warning of a registry change that I have been denying. Here is my Hijack Log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:38:31 AM, on 2/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijack This\HiJackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [b82fa147] rundll32.exe "C:\WINDOWS\system32\yosrffii.dll",b
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - ?p=ZCxdm565YYUS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/tr...2.1.0.0.48.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1201044033453
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://games.myway.com/games/gamehou...utLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/be...ploader_v7.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/...l/gtdownde.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4392C871-AC54-4A9D-96D3-752F135D8084}: NameServer = 151.164.14.201 68.94.157.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4392C871-AC54-4A9D-96D3-752F135D8084}: NameServer = 151.164.14.201 68.94.157.1
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 10130 bytes


Thanks for any help with this issue.

[powertrip19]

Kaspersky was too large submitting first half only

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, February 07, 2008 7:47:33 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 7/02/2008
Kaspersky Anti-Virus database records: 553665
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 135600
Number of viruses found: 39
Number of infected objects: 162
Number of suspicious objects: 1
Duration of the scan process: 02:02:53

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_50e417e0-e461-474b-96e2-077b80325612 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41448f635f011545cdac2810a951959c_50e417e0-e461-474b-96e2-077b80325612 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e87841f1b15ddf7722dd5cb7a25f8d99_50e417e0-e461-474b-96e2-077b80325612 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\Bill\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\Bill\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log Object is locked skipped
C:\Documents and Settings\Bill\Application Data\GTek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log Object is locked skipped
C:\Documents and Settings\Bill\Application Data\GTek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-2b6e75fc-1de2b512.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-37d0245a-1b54713e.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-415bbcf4-2ca276e7.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-4ee51477-15526e2b.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-51e6b0d7-17dbd52a.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-5a8a5bd2-4193a78a.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-12104d67-649c6499.zip/BnnnnBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-12104d67-649c6499.zip/VaannnaaBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-12104d67-649c6499.zip/Bnnnnn.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-12104d67-649c6499.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1447de7b-768acdc7.zip/BnnnnBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1447de7b-768acdc7.zip/VaannnaaBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1447de7b-768acdc7.zip/Bnnnnn.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1447de7b-768acdc7.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-3ad601a5-52ee109b.zip/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Bill\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-3ad601a5-52ee109b.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Bill\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\Bill\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Bill\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Bill\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Bill\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Bill\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\Bill\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped
C:\Documents and Settings\Bill\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Bill\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Bill\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Bill\Local Settings\Temporary Internet Files\Content.IE5\EPCTD6WY\index[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\Bill\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Bill\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Bill\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Cindy\Local Settings\Temporary Internet Files\Content.IE5\2KTL7B7V\SmileyCentralFWBInitialSetup1.0.0.15[1].cab/f3Setup1.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.aw skipped
C:\Documents and Settings\Cindy\Local Settings\Temporary Internet Files\Content.IE5\2KTL7B7V\SmileyCentralFWBInitialSetup1.0.0.15[1].cab CAB: infected - 1 skipped
C:\Documents and Settings\Cindy\Local Settings\Temporary Internet Files\Content.IE5\NGPL3WS0\ad-sp2-fastclick[1].swf Infected: not-virus:Hoax.SWF.Alerter.a skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[1].cab/upgrade.exe/stream/data0001 Infected: Backdoor.Win32.Agent.aqr skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[1].cab/upgrade.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[1].cab/upgrade.exe/stream Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[1].cab/upgrade.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[1].cab CAB: infected - 4 skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Tyler\Local Settings\Temp\asmfiles.cab/asm.exe Infected: not-a-virus:AdWare.Win32.Altnet.l skipped
C:\Documents and Settings\Tyler\Local Settings\Temp\asmfiles.cab/asmps.dll Infected: not-a-virus:AdWare.Win32.Altnet.t skipped
C:\Documents and Settings\Tyler\Local Settings\Temp\asmfiles.cab CAB: infected - 2 skipped
C:\Documents and Settings\Tyler\Local Settings\Temp\bliF21.tmp\blinksetup.exe/stream/data0005 Infected: Backdoor.Win32.Agent.aqr skipped
C:\Documents and Settings\Tyler\Local Settings\Temp\bliF21.tmp\blinksetup.exe/stream/data0006 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\Tyler\Local Settings\Temp\bliF21.tmp\blinksetup.exe/stream Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\Tyler\Local Settings\Temp\bliF21.tmp\blinksetup.exe NSIS: infected - 3 skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\myspacegraphicsfree[1].exe/WISE0075.BIN Infected: Trojan-Downloader.Win32.Agent.hym skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\myspacegraphicsfree[1].exe/WISE0076.BIN Infected: Trojan-Downloader.Win32.Agent.hym skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\myspacegraphicsfree[1].exe/WISE0077.BIN Infected: Trojan-Downloader.Win32.Agent.hym skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\myspacegraphicsfree[1].exe WiseSFX: infected - 3 skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\myspacegraphicsfree[1].exe WiseSFXDropper: infected - 3 skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\A93WT4RE\counter21[1].htm Infected: Trojan-Downloader.VBS.Agent.p skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\NNHJ3908\index[5].htm Infected: Trojan-Clicker.JS.Linker.h skipped
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\OBNBQ09P\webcams[1].htm Infected: Trojan-Clicker.JS.Linker.h skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\AVApp.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\AVError.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00BE5C45 Infected: not-a-virus:AdWare.Win32.MySearch.e skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\01163FC9 Infected: Trojan.Win32.Dialer.ay skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\016A56A2 Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\01C945D7 Infected: Trojan-Downloader.Win32.Small.bpk skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05D17F1D Infected: not-a-virus:AdTool.Win32.MyWebSearch.o skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A0E09C0 Infected: Trojan-Downloader.Win32.Small.ayl skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0EF62E5F.class Infected: Trojan-Downloader.Java.OpenConnection.ah skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\19B86742 Infected: Trojan.Win32.Dialer.ay skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AFE069F.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AFE069F.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AFE069F.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AFE069F.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AFE069F.zip ZIP: infected - 4 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AFE069F.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2BDC2DAB.class Infected: Trojan.Java.ClassLoader.ak skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\436616C1 Infected: Trojan.Win32.Dialer.ay skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\436940BD Infected: Trojan.Win32.Dialer.ay skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\46A84206 Infected: Trojan.Win32.LowZones.dn skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4FD667BF Infected: Trojan.Win32.Dialer.ay skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51665A35 Infected: Trojan.Win32.LowZones.dn skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51BD6A0B Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\58CC3073 Infected: Trojan-Downloader.Win32.Small.ayl skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5A6029E0 Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5E8A1046 Infected: SpamTool.Win32.Small.r skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\61DA6A20 Infected: not-a-virus:AdWare.Win32.404Search.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62F37092/mySetp.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.o skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62F37092 CAB: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62F37092 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7C1D64FF Suspicious: Exploit.VBS.Phel skipped
C:\Program Files\Super Fast Shutdown\shutdown.exe Infected: not-a-virus:RiskTool.Win32.Shutdown.c skipped
C:\RECYCLER\NPROTECT\25095836 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095851 Infected: not-a-virus:AdWare.Win32.Virtumonde.bxc skipped
C:\RECYCLER\NPROTECT\25095865 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095867 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095870 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095873 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095875 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095884 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095891 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095901 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095928 Infected: not-a-virus:AdWare.Win32.Virtumonde.edw skipped
C:\RECYCLER\NPROTECT\25095935 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\RECYCLER\NPROTECT\25095947 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095964 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25095997 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096013 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096018 Infected: not-a-virus:AdWare.Win32.Virtumonde.eby skipped
C:\RECYCLER\NPROTECT\25096020 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096025 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096050 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096064 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096066 Infected: not-a-virus:AdWare.Win32.Virtumonde.bxc skipped
C:\RECYCLER\NPROTECT\25096089 Infected: not-a-virus:Downloader.Win32.WinFixer.l skipped
C:\RECYCLER\NPROTECT\25096090 Infected: not-a-virus:AdWare.Win32.Virtumonde.gip skipped
C:\RECYCLER\NPROTECT\25096095 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096119 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096123 Infected: not-a-virus:Downloader.Win32.WinFixer.l skipped
C:\RECYCLER\NPROTECT\25096174 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096182 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096197 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096198 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096202 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096225 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096228 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096239 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096240 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096248 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096251 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096256 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096258 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096264 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096269 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096289 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096315 Infected: not-a-virus:AdWare.Win32.Virtumonde.ebw skipped
C:\RECYCLER\NPROTECT\25096336 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096352 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\RECYCLER\NPROTECT\25096358.DLL Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped

[Blade81]

Hi

1. Download this file -
combofix.exe to your desktop.
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your
next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause
it to stall

[powertrip19]

Blade81,

Thanks for the assistance, it is certainly appreciated. Here is my log (in the next 3 posts.)

ComboFix 08-02-13.2 - Bill 2008-02-12 17:56:14.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.590 [GMT -6:00]
Running from: C:\Documents and Settings\Bill\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\mljjj.dll
C:\Documents and Settings\Bill\Application Data\DriveCleaner 2006 Free
C:\Documents and Settings\Bill\Application Data\DriveCleaner 2006 Free\Logs\update.log
C:\Documents and Settings\Bill\err.log
C:\install.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\dirty_dishes.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\foodtray.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\heart1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\heart2.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\heart3.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\menu_down.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\menu_up.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\mop_prop.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\accessories\ticket.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a2.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a3.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a4.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\baby_cry.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\chef_cook1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\closing_time.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\customer_ditch.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_down.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_up.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\drink_table.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\expert.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_deliver.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_pickup.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\keystroke2.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\level_lose.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\level_win.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\menu_click.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\menu_rollover.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\mop_pickup.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\mop_spill.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dropoff_drinks_1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_menu_down.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\spill.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\table_drink.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\audio\sfx\tip_2.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\flo_lose.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\flo_win.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\fullscreendialog.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\high_score_menu_bg.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\levelover.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu_logo.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\popup.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\popup.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\textfield.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\backgrounds\upgrade_lines.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowdown_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowdown_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowdown_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowup_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowup_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\arrowup_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\decor_highlight.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\decor_normal.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\decor_selected.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_2.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_3.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_2.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_3.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a2.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a3.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\left_arrow_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\left_arrow_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\left_arrow_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\map_button_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\map_button_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\map_button_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\right_arrow_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\right_arrow_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\right_arrow_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\upgrade_down.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\upgrade_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\upgrade_up.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\buttons\welcome_player.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\actionpoints.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\career.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\customer.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\endless.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\global.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\config\powerups.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cook\stove.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\arrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\click.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\click2.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\grab.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\cursor\open.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\blue.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\blue_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\red.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\dad_male\red_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\blue.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\blue_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\red.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\kid_male\red_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\blue.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_baby.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\red.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\red_baby.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\mom_female\red_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\anim.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\blue.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\blue_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\red.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\customers\young_female\red_legs.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\idle.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\idle.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\lower.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\lower.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\upper.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\flo\upper.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\fonts\mercurius.mvec
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\bench.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\bench.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\blue_highchairbaby.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\chair.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\chair.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dirt2top.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dirt4top.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dishcart.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\dishcart.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\green_highchairbaby.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\mop_station_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\mop_station_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\mop_station_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\podium.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\podium_heart.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\podium_heart.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\purple_highchairbaby.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\radio.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\red_highchairbaby.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\spill.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\spill.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\stereo.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\ticketstation.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\ticketstation.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\furniture\yellow_highchairbaby.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\family.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help_dividerline.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_colormatch1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_colormatch2.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_noise.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help1_score.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_cleardishes.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_givecheck.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_pickupfood.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_servefood.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\help\help2_takeorder.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\hiscore\local-hs-bb.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\hiscore\p1icon.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_1.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_2.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_3.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_4.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_5.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\career_1_6.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1.bin

[powertrip19]

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_a.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_b.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_c.bin
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\playfirstlogo.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\background.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\blue.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\grey.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\red.pal
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\cup1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_0.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\props\cup_prop1.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrades.xml
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\restaurants\tableshadow.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\careerupgrade.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\choosedifficulty.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\closeconfirm.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\entername.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\game.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\getmoregames.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\help1.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\help2.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\hiscore.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\levelintro.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\levelover.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\loading.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\mainloop.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\mainmenu.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\ok.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\pause.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\style.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\upgrade.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\upsell.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\scripts\yesno.lua
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\splash\aol_logo.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\splash\playfirst_logo.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\strings.xml
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\angersmoke.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\angersmoke.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\bubbles\request_bubble.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\bubbles\request_mop.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\bubbles\request_rejectmeal.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\chairflags.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\chairflags.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\check.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\checkmark.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\closed.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\coinflip.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\coinflip.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\decor_lines.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\dollar.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\expert.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\foodpoof.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\foodpoof.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\heartgrow.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\heartgrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\jar.anm
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\jar.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\lives_icon.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\noisering.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_d.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_e.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_f.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tablenumber_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tablenumber_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\traynumber.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tutorialarrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\tutorialbox.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_base.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_hand.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_timer_off.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\ui_timer_on.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgradeanim.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_a.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_b.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_c.png
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd1.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd2.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd3.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd4.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48\dinerdash2.exe
C:\WINDOWS\SYSTEM32\agowfpnx.ini
C:\WINDOWS\SYSTEM32\ahgjkayw.ini
C:\WINDOWS\SYSTEM32\dvtboxso.ini
C:\WINDOWS\SYSTEM32\eagsiqlb.ini
C:\WINDOWS\system32\ehtexmom.dll
C:\WINDOWS\SYSTEM32\ekummtpe.ini
C:\WINDOWS\SYSTEM32\etfnddhl.ini
C:\WINDOWS\SYSTEM32\fhsxnkya.ini
C:\WINDOWS\SYSTEM32\fnuedlfb.ini
C:\WINDOWS\SYSTEM32\hghfhuuq.ini
C:\WINDOWS\SYSTEM32\hjhdhhdp.ini
C:\WINDOWS\SYSTEM32\hwljsems.ini
C:\WINDOWS\SYSTEM32\iiffrsoy.ini
C:\WINDOWS\SYSTEM32\ipchbvnt.ini
C:\WINDOWS\SYSTEM32\jjjlm.ini
C:\WINDOWS\SYSTEM32\jjjlm.ini2
C:\WINDOWS\SYSTEM32\jmobyopr.ini
C:\WINDOWS\SYSTEM32\lgscmdhq.ini
C:\WINDOWS\SYSTEM32\lvpvnlwh.ini
C:\WINDOWS\SYSTEM32\mkuukwkf.ini
C:\WINDOWS\system32\mljjj.dll
C:\WINDOWS\SYSTEM32\momxethe.ini
C:\WINDOWS\SYSTEM32\nftwxefv.ini
C:\WINDOWS\SYSTEM32\omhhdius.ini
C:\WINDOWS\SYSTEM32\oqoxmswa.ini
C:\WINDOWS\SYSTEM32\pmaicjxt.ini
C:\WINDOWS\SYSTEM32\pttnnuai.ini
C:\WINDOWS\SYSTEM32\rthfghwf.ini
C:\WINDOWS\SYSTEM32\somaktxd.ini
C:\WINDOWS\system32\system
C:\WINDOWS\system32\system\msxml4.dll
C:\WINDOWS\system32\system\msxml4r.dll
C:\WINDOWS\SYSTEM32\tcnwqcge.ini
C:\WINDOWS\SYSTEM32\tjbunwxk.ini
C:\WINDOWS\SYSTEM32\ucijavdv.ini
C:\WINDOWS\system32\vfexwtfn.dll
C:\WINDOWS\SYSTEM32\vwldkbbe.ini
C:\WINDOWS\SYSTEM32\wffhyeuv.ini
C:\WINDOWS\SYSTEM32\wrqdlpsc.ini
C:\WINDOWS\system32\xnpfwoga.dll
C:\WINDOWS\SYSTEM32\yyigqnfg.ini

.
((((((((((((((((((((((((( Files Created from 2008-01-14 to 2008-02-14 )))))))))))))))))))))))))))))))
.

2008-02-12 17:18 . 2008-02-12 17:18 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2008-02-07 17:34 . 2008-02-07 17:34 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-02-07 17:34 . 2008-02-07 17:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-07 01:50 . 2008-02-07 01:52 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-02-07 01:50 . 2008-02-07 01:50 <DIR> d-------- C:\Documents and Settings\Bill\Application Data\SUPERAntiSpyware.com
2008-02-07 01:50 . 2008-02-07 01:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-07 01:49 . 2008-02-07 01:49 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-06 21:49 . 2008-02-08 01:38 <DIR> d-------- C:\Program Files\Hijack This
2008-01-27 23:51 . 2008-01-27 23:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-27 23:50 . 2008-01-27 23:50 <DIR> d-------- C:\Program Files\Dell Support Center
2008-01-27 23:50 . 2008-01-27 23:50 <DIR> d-------- C:\Program Files\Common Files\supportsoft
2008-01-26 15:52 . 2008-01-26 15:52 <DIR> d-------- C:\Program Files\The Basketball IntelliGym
2008-01-24 18:57 . 2008-01-26 15:52 17,408 --a------ C:\psapi.dll
2008-01-23 10:42 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll
2008-01-23 10:42 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll.mui
2008-01-21 03:09 . 2008-01-21 03:09 <DIR> d-------- C:\WINDOWS\ERUNT
2008-01-21 03:07 . 2008-01-19 07:26 <DIR> d-------- C:\SDFix
2008-01-19 01:34 . 2008-01-19 11:35 206 --a------ C:\WINDOWS\wininit.ini
2008-01-19 00:55 . 2008-01-19 00:55 1,152 --a------ C:\WINDOWS\SYSTEM32\windrv.sys
2008-01-19 00:54 . 2008-01-19 00:54 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-01-19 00:53 . 2008-02-07 17:25 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-19 00:53 . 2008-02-07 17:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-16 17:37 . 2008-02-13 18:07 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-16 17:37 . 2008-01-16 17:37 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-16 17:36 . 2008-01-16 17:36 <DIR> d-------- C:\Program Files\iTunes
2008-01-16 17:36 . 2008-01-16 17:36 <DIR> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-07 06:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-04 04:34 --------- d-----w C:\Documents and Settings\Bill\Application Data\OpenOffice.org2
2008-01-26 12:18 --------- d-----w C:\Program Files\Norton SystemWorks
2008-01-19 07:34 --------- d-----w C:\Program Files\BearShare
2008-01-16 23:34 --------- d-----w C:\Program Files\QuickTime
2008-01-16 20:49 --------- d-----w C:\Program Files\PartyGaming
2007-12-27 07:35 --------- d-----w C:\Program Files\LimeWire
2007-12-25 15:22 --------- d-----w C:\Program Files\Common Files\Apple
2007-12-25 15:22 --------- d-----w C:\Program Files\Apple Software Update
2007-12-20 00:04 --------- d-----w C:\Documents and Settings\Bill\Application Data\BearShare
2006-08-13 00:42 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2005-11-16 04:08 201,757 ----a-w C:\Program Files\SetupCasino.exe
2005-08-24 04:43 1,683,032 ----a-w C:\Program Files\bplay08.exe
2005-06-20 06:30 2,077,424 ----a-w C:\Program Files\WindowsXP-KB894391-x86-ENU.exe
2005-04-23 01:53 297,731 ----a-w C:\Program Files\InterPoker.exe
2005-04-17 05:26 3,517,328 ----a-w C:\Program Files\PokerStarsInstall.exe
2005-04-03 21:42 5,640,192 ----a-w C:\Program Files\RoyalVegasPoker.exe

[powertrip19]

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 10:09 460784]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24 1694208]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 09:23 202544]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-03-23 11:16 135168]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-25 21:35 335872]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 19:15 290816]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-15 00:04 122933]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 00:01 110592]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-12-12 13:37 71328]
"AcctMgr"="C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe" [2004-08-18 11:41 586896]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-10-07 16:07 100056]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-06-03 07:16 81920]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-11-24 20:19 185896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"b82fa147"="C:\WINDOWS\system32\yosrffii.dll" [ ]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\mljjj.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2007-04-27 15:17 50736 C:\Program Files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--------- 2004-04-11 10:43 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
--a------ 2003-09-03 19:12 221184 C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-01-15 03:22 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
--a------ 2004-10-08 08:49 131072 C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 10:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-10 15:27 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a------ 2006-11-24 20:20 214560 C:\Program Files\Real\RealPlayer\RealPlay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rock]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNM]
C:\Program Files\SpyNoMore\SNM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ymetray]
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe

R3 NPDriver;Norton Unerase Protection Driver;C:\WINDOWS\system32\Drivers\NPDRIVER.SYS [2003-09-10 04:12]
S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service []
S3 SDdriver;SDdriver;C:\WINDOWS\system32\Drivers\sddriver.sys [2003-09-10 03:58]
S3 WmaCDriverV32;WmaCDriverV32;C:\WINDOWS\system32\drivers\WmaCDriverV32.sys [2006-09-22 16:36]

.
Contents of the 'Scheduled Tasks' folder
"2008-02-06 23:20:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-02 11:32:16 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:
"2008-02-08 23:30:10 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"
- C:\Program Files\Norton SystemWorks\OBC.exe
"2008-02-10 06:00:00 C:\WINDOWS\Tasks\Symantec Drmc.job"
- C:\Program Files\Common Files\Symantec Shared\SymDrmc.exe
"2008-02-14 00:07:46 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 18:08:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\Windows-KB890830-V1.38-delta.exe
c:\a4b911fe81cb84042f81f84fb3\mrtstub.exe
C:\WINDOWS\system32\MRT.exe
.
**************************************************************************
.
Completion time: 2008-02-13 18:19:04 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-14 00:18:57
.
2008-01-22 07:42:44 --- E O F ---

[Blade81]

Hi


Disable Spybot's TeaTimer

• Run Spybot-S&D in Advanced Mode
• If it is not already set to do this, go to the Mode menu
  select
  Advanced Mode
  
• On the left hand side, click on Tools
• Then click on the Resident icon in the list
• Uncheck
  Resident TeaTimer
  and OK any prompts.
• Restart your computer

Start hjt, do a system scan, check (if found):
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [b82fa147] rundll32.exe "C:\WINDOWS\system32\yosrffii.dll",b

Close browsers and other windows. Click fix checked.

Open notepad and copy/paste the text in the quotebox below into it:

Code:

Folder::
C:\SDFix

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"b82fa147"=-

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
Authentication Packages=hex(7):6d,73,76,31,5f,30,00,00

Save this as
CFScript




Refering to the picture above, drag CFScript into ComboFix.exe


Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.


Run Kaspersky online scanner again and post its report (as an attachment if too long to fit), combofix log and a fresh hjt log.

[powertrip19]

ComboFix Log

[powertrip19]

Kaspersky Log

[powertrip19]

OK the Kaspersky Log is too large, what now.