ComboFix Logfile 2 of 2
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\activextest.bat
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\Music\Level01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\Music\Level01B.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ALARM01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ALARM02.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ALARM03.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ANYLOOP.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BONUS100.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BUMPSCENERY01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BUMPSWEET01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BUTTONCLICK.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_CASCADEGOOD.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_COMBOGOOD.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_FAILED.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_FIREWOOSH01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_KATEHURRAY01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_KATEHURRAY02.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_KEYSTROKE.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_LAUNCHERDOWN.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_POP01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PRODUCTION01.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PUREWIND.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PUSHERBONUS.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PUSHERPOP.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ROLLINGEND.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ROLLINGLOOP.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ROLLINGSTART.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SHERBETDONE.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SHUFFLE.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SUCKEREND.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SUCKERLOOP.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SUCKERSTART.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SWAP.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_TRANSITION.ogg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\arcadepanel.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\dialog.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\fullscreendialoglocal.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\infodialog.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\longdialog.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\panel.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\screenshots.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\submitdialog.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\textfield.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\yesnodialog.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowdown_down.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowdown_over.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowdown_up.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowleft_down.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowleft_over.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowleft_up.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowright_down.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowright_over.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowright_up.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowup_down.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowup_over.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowup_up.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\buttondown.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\buttonrollover.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\buttonup.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\checkdown.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\checkup.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\choosenamedown.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\choosenameover.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\long_button_down.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\long_button_over.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\long_button_up.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\sliderknob.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\sliderknobover.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\sliderrail.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\cursor\cursor.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\cursor\nocursor.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\fonts\main.mvec
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Comic\Intros.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Comic\TipWindow.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Flame.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Hot.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_PowerUp.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Ring.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Sherbet.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Steam.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_SugarFloor.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_White.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach01_PistonA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach01A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach02_RingA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach02A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach03_HammerA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach03A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach04_CrankA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach04A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach05A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach06_CrossA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach06_PistonA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach06A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach07A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach08A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach09A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerBase01A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerBase02A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop01A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop01B.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop02A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop02B.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleBase.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleDoor.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHead.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHead2.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHole.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHoleA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHoleB.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHurray1.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHurray2.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateAhead.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateFire.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateLeft.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateRight.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleSling.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleSlingA.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleTop.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleTunnel.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Sucker\SuckerTop.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Sucker\SuckerWind.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Glass\Glass01.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Ingredients\Ingredient02.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Machines\Mach02A.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Walls\Wall02.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vats\Vat01A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vats\Vat01B.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vats\Vat01C.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vents\Joints\JointCross01A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vents\Joints\JointStraight01A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vents\Vent01.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall01A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall01B.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall02A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall02B.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall03A.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall03B.mesh
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Channels\Channel06.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Channels\ChannelShadow.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Channels\InsChannel.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Floors\Floor01.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Pusher\Pusher.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Pusher\PusherBang.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Pusher\PusherWheel.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Shadows\Shadow01.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Shadows\Shadow02.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetA.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetC.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetC_S.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetG.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetG_S.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetH.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetP.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetP_S.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetPUs.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetR.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetR_S.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetS.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetS_S.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetShine.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Vat\MacLight01.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Vat\VatPipes01.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\InGame\PUDialog.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Instructions\InstBackdrop.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Instructions\SweetTypes.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Loading\LoadingBar.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Loading\LoadingScreen.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\MainMenu\MainMenuScreen.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Pointers\InGameHole.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Pointers\InGamePointer.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\global-hs-bb_large.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\global-hs-bb_small.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\hi.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\local-hs-bb.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\p1icon.png
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A01.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A02.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A03.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A04.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A05.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A06.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A07.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A08.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A09.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A10.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C01.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C02.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C03.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C04.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C05.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C06.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C07.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C08.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C09.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C10.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\TestPlay.lev
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Complete.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\CPaused.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Ins.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\MoreInfo.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\TIP_K1.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L1C.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L1D.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L1E.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L5A.Pag
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\arcade.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\chooseplayer.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\complete.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\continue.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\credits.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\entername.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\game.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\hiscore.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\hiscoreinfo.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\hiscoresubmit.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\instructions.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\loading.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\mainloop.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\mainmenu.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\moreinfo.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\ok.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\options.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\pause.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\pieye.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\style.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\yesno.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Splash\PiEyeGames_logo.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Splash\playfirst_aol_logo.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Splash\playfirst_logo.jpg
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\strings.xml
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\xsellstyle.lua
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\EULA.txt
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\readme.htm
C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\Sweetopia.exe
C:\WINDOWS\system32\actskn43.ocx
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\edNVuBeg.ini
C:\WINDOWS\system32\edNVuBeg.ini2
C:\WINDOWS\system32\f3PSSavr.scr
C:\WINDOWS\system32\FTPx.dll
C:\WINDOWS\system32\lphce6oj0e369.exe
C:\WINDOWS\system32\MabryObj.dll
C:\WINDOWS\system32\mtybklgy.dll
C:\WINDOWS\system32\oYJiOXyb.ini
C:\WINDOWS\system32\oYJiOXyb.ini2
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\qmghsplp.ini
C:\WINDOWS\system32\qohtaviq.ini
C:\WINDOWS\system32\qvfmtddq.dll
C:\WINDOWS\system32\rcnjhy.dll
C:\WINDOWS\system32\rctpqtwe.dll
C:\WINDOWS\system32\seddze.dll
C:\WINDOWS\system32\txbjbz.dll
C:\WINDOWS\system32\uvxavekn.dll
C:\WINDOWS\system32\uwmtudnv.ini
C:\WINDOWS\system32\whhxstcs.dll
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\xmbkoxma.ini
C:\WINDOWS\system32\xwwFOqru.ini
C:\WINDOWS\system32\xwwFOqru.ini2
C:\WINDOWS\system32\yvyndjyw.dll
C:\WINDOWS\system32\zzenlt.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_NPF
-------\Service_MyWebSearchService
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2008-07-11 to 2008-08-11 )))))))))))))))))))))))))))))))
.
2008-08-10 16:43 . 2008-08-10 16:43 <DIR> d-------- C:\Deckard
2008-08-10 14:36 . 2008-08-10 14:45 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-08-09 12:21 . 2008-08-09 12:23 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-08-09 12:20 . 2008-08-09 12:20 <DIR> dr-h----- C:\MSOCache
2008-08-02 23:03 . 2008-08-02 23:05 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-08-01 23:07 . 2008-08-01 23:07 <DIR> d-------- C:\Documents and Settings\Brenda Leigh\Application Data\acccore
2008-08-01 23:04 . 2008-08-01 23:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\acccore
2008-08-01 09:02 . 2008-08-11 11:22 150 --a------ C:\WINDOWS\system32\mhncache.dat
2008-07-31 21:46 . 2008-07-31 21:46 118,784 --------- C:\WINDOWS\system32\phylbpho.dll_old
2008-07-30 23:52 . 2008-07-30 23:52 <DIR> d-------- C:\Documents and Settings\Brenda Leigh\Application Data\Amaranth Games
2008-07-30 03:16 . 2008-07-30 03:16 0 --a------ C:\WINDOWS\PhantomOfVenice.INI
2008-07-29 23:19 . 2008-07-29 23:19 <DIR> d-------- C:\Program Files\LeeGTs Games
2008-07-28 01:20 . 2008-07-28 01:20 <DIR> d-------- C:\Documents and Settings\Brenda Leigh\Application Data\SulusGames
2008-07-27 21:28 . 2008-07-28 21:08 <DIR> d-------- C:\Program Files\Diet Analysis Plus 8.0
2008-07-24 00:05 . 2008-07-25 14:15 <DIR> d-------- C:\Program Files\DivX
2008-07-23 15:21 . 2008-07-23 15:21 <DIR> d-------- C:\Program Files\Shock Utility
2008-07-23 15:20 . 2008-07-23 15:20 65,536 --a------ C:\WINDOWS\IFinst27.exe
2008-07-22 16:55 . 2008-07-30 18:48 <DIR> d--h----- C:\WINDOWS\FlyakiteOSX
2008-07-22 16:55 . 2004-08-10 07:00 218,624 --a------ C:\WINDOWS\system32\uxtheme.backup
2008-07-21 14:12 . 2008-07-21 14:12 <DIR> d-------- C:\Documents and Settings\Brenda Leigh\Application Data\blg
2008-07-21 14:12 . 2008-07-21 14:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\blg
2008-07-20 12:03 . 2008-07-20 12:03 <DIR> d-------- C:\Program Files\Bonjour
2008-07-18 13:38 . 2008-07-18 13:38 <DIR> d-------- C:\WINDOWS\system32\runtime
2008-07-18 13:38 . 2008-08-04 18:40 <DIR> d-------- C:\Program Files\Norton Security Scan
2008-07-18 13:37 . 2008-08-11 03:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-11 17:03 . 2008-07-11 17:03 <DIR> d-------- C:\Documents and Settings\Brenda Leigh\Application Data\ViquaSoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-11 15:27 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-08-11 03:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-09 21:40 --------- d-----w C:\Documents and Settings\Brenda Leigh\Application Data\SPORE Creature Creator
2008-08-05 22:49 --------- d-----w C:\Program Files\Apple Software Update
2008-08-03 03:08 --------- d-----w C:\Program Files\Common Files\AOL
2008-08-03 01:01 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
2008-08-03 00:17 --------- d-----w C:\Program Files\iTunes
2008-08-03 00:16 --------- d-----w C:\Program Files\iPod
2008-07-31 03:52 --------- d-----w C:\Documents and Settings\Brenda Leigh\Application Data\PlayFirst
2008-07-31 03:51 --------- d-----w C:\Program Files\PlayFirst
2008-07-30 06:11 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-30 05:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-07-26 06:11 --------- d-----w C:\Program Files\Trillian
2008-07-22 21:19 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-07-19 17:03 --------- d-----w C:\Program Files\QuickTime
2008-07-18 17:38 --------- d-----w C:\Program Files\Google
2008-07-07 02:06 --------- d-----w C:\Program Files\MusicBrainz Picard
2008-07-07 00:50 --------- d-----w C:\Documents and Settings\Brenda Leigh\Application Data\Ludia
2008-07-07 00:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ludia
2008-07-05 15:21 --------- d-----w C:\Documents and Settings\Brenda Leigh\Application Data\Viewpoint
2008-07-02 02:35 --------- d-----w C:\Program Files\Safari
2008-06-30 03:29 --------- d-----w C:\Program Files\AIM
2008-06-27 17:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-27 17:02 --------- d--h--r C:\Documents and Settings\Brenda Leigh\Application Data\SecuROM
2008-06-27 16:42 3,056 ----a-w C:\WINDOWS\system32\ealregsnapshot1.reg
2008-06-25 19:16 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-06-25 19:16 --------- d-----w C:\Program Files\Common Files\xing shared
2008-06-25 19:16 --------- d-----w C:\Program Files\Common Files\Real
2008-06-23 23:17 --------- d-----w C:\Documents and Settings\Brenda Leigh\Application Data\skypePM
2008-06-23 23:17 --------- d-----w C:\Documents and Settings\Brenda Leigh\Application Data\Skype
2008-06-21 04:02 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-06-21 04:01 --------- d-----w C:\Program Files\Electronic Arts
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-18 17:52 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-06-17 02:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-05 01:18 0 ----a-w C:\Program Files\temp01
2008-03-25 21:50 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2006-06-18 00:36 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2006-03-15 04:37 251 -c--a-w C:\Program Files\wt3d.ini
2004-11-30 20:23 40,960 -c----r C:\Program Files\delete.exe
2007-11-15 20:05 89,088 ----a-w C:\Program Files\mozilla firefox\plugins\atl71.dll
2007-11-15 20:05 53,248 ----a-w C:\Program Files\mozilla firefox\plugins\boost_filesystem-vc71-mt-1_33_1.dll
2007-11-15 20:05 499,712 ----a-w C:\Program Files\mozilla firefox\plugins\msvcp71.dll
2007-11-15 20:05 348,160 ----a-w C:\Program Files\mozilla firefox\plugins\msvcr71.dll
2007-11-15 20:05 110,592 ----a-w C:\Program Files\mozilla firefox\plugins\v22_base.dll
2007-11-15 20:05 114,688 ----a-w C:\Program Files\mozilla firefox\plugins\v22_compression.dll
2007-11-15 20:05 106,496 ----a-w C:\Program Files\mozilla firefox\plugins\v22_connect.dll
2007-11-15 20:05 229,376 ----a-w C:\Program Files\mozilla firefox\plugins\v22_update.dll
2007-11-15 20:05 196,608 ----a-w C:\Program Files\mozilla firefox\plugins\v22_utility.dll
2007-11-15 20:05 159,744 ----a-w C:\Program Files\mozilla firefox\plugins\v22_winapplib.dll
2004-08-10 11:00 60,416 --sha-w C:\WINDOWS\FlyakiteOSX\Backup\msimn.exe
2004-10-13 16:24 1,694,208 --sha-w C:\WINDOWS\FlyakiteOSX\Backup\msmsgs.exe
2004-08-10 11:00 60,416 --sha-w C:\WINDOWS\system32\dllcache\msimn.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-10 07:00 158208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Google Updater"="C:\Program Files\Google\Google Updater\GoogleUpdater.exe" [2008-07-18 13:37 137712]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 18:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll txbjbz.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=C:\WINDOWS\pss\Bluetooth.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Last.fm Helper.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Last.fm Helper.lnk
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Brenda Leigh^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Brenda Leigh\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Brenda Leigh^Start Menu^Programs^Startup^Last.fm Helper.lnk]
path=C:\Documents and Settings\Brenda Leigh\Start Menu\Programs\Startup\Last.fm Helper.lnk
backup=C:\WINDOWS\pss\Last.fm Helper.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Brenda Leigh^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
path=C:\Documents and Settings\Brenda Leigh\Start Menu\Programs\Startup\PowerReg Scheduler.exe
backup=C:\WINDOWS\pss\PowerReg Scheduler.exeStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Brenda Leigh^Start Menu^Programs^Startup^Registration Myst V]
path=C:\Documents and Settings\Brenda Leigh\Start Menu\Programs\Startup\Registration Myst V
backup=C:\WINDOWS\pss\Registration Myst VStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
--a------ 2006-08-01 15:35 67112 C:\PROGRA~1\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a------ 2004-09-13 18:33 155648 C:\Program Files\Apoint\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-07-10 09:47 116040 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a--c--- 2005-08-05 23:05 344064 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BuildBU]
--a--c--- 2005-12-08 04:58 61440 c:\dell\bldbubg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a--c--- 2004-02-29 16:44 66680 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-10 07:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
--a--c--- 2005-09-01 19:24 684032 C:\Program Files\Dell\QuickSet\quickset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellHelp]
--a--c--- 2004-04-01 17:51 1589248 C:\dell\DellHelp\DellHelp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2005-05-15 04:04 332800 C:\Program Files\Dell Support\DSAgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--------- 2006-04-06 10:51 49152 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a--c--- 2005-09-29 16:01 67584 C:\WINDOWS\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-11-13 13:39 1289000 C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
--a--c--- 2004-10-30 16:59 385024 C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a--c--- 2005-06-10 12:44 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
--a------ 2007-05-17 17:45 279912 C:\Program Files\Microsoft LifeCam\LifeExp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--ahs---- 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
--a------ 2007-07-13 16:01 169264 C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
--a--c--- 2003-05-08 11:00 49152 C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a------ 2008-06-25 15:16 214560 C:\Program Files\Real\RealPlayer\realplay.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-01 17:22 21898024 C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StumbleUpon Alerter]
--a------ 2006-11-13 13:39 1289000 C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
--a--c--- 2006-06-05 18:09 100056 C:\PROGRA~1\SYMNET~1\SNDMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System Files Updater]
--a------ 2006-02-25 19:41 118485 C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-06-25 15:16 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2007-12-03 14:21 3461120 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
--a--c--- 2004-03-12 15:18 124128 C:\PROGRA~1\SYMANT~1\VPTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
--a------ 2007-04-10 17:46 709992 C:\WINDOWS\vVX3000.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a--c--- 2006-04-03 18:12 777424 C:\Program Files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-04 00:56 110592 C:\WINDOWS\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"CiSvc"=3 (0x3)
"BthServ"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=
"C:\\Program Files\\Trillian\\trillian.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"C:\\Program Files\\MusicBrainz Picard\\picard.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\outlook.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Bliz DL
"6999:TCP"= 6999:TCP:Bliz DL1
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R2 Viewpoint Service;Viewpoint Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2008-04-04 13:10]
S3 hamachi_oem;PlayLinc Adapter;C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-10-19 10:45]
S4 Maxtor Sync Service;Maxtor Service;C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-07-13 16:02]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58603df3-b1aa-11dc-9494-001422e5619d}]
\Shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe
.
Contents of the 'Scheduled Tasks' folder
2008-08-07 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
2007-12-31 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
.
- - - - ORPHANS REMOVED - - - -
BHO-{00F153D7-3974-4FE5-B893-BA04DA1C088b} - C:\WINDOWS\system32\phylbpho.dll
BHO-{4F68DC11-F2A8-49AF-8E73-157AA881CD58} - C:\WINDOWS\system32\byXOiJYo.dll
BHO-{B3B9FFDA-0EDD-4D8E-8720-1B50B484D625} - C:\WINDOWS\system32\urqOFwwx.dll
BHO-{C5D6DE3A-3BA3-43E5-AA02-0E3DE625648A} - C:\WINDOWS\system32\geBuVNde.dll
Notify-WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
Notify-awttTMcA - awttTMcA.dll
Notify-urqNETmJ - urqNETmJ.dll
MSConfigStartUp-9051aef9 - C:\WINDOWS\system32\qivathoq.dll
MSConfigStartUp-ares - C:\Program Files\Ares\Ares.exe
MSConfigStartUp-BM93629d65 - C:\WINDOWS\system32\uunkrdmb.dll
MSConfigStartUp-Chameleon Calendar - C:\Program Files\Chameleon Calendar\chamcal.exe
MSConfigStartUp-dla - C:\WINDOWS\system32\dla\tfswctrl.exe
MSConfigStartUp-Extreme Messenger for AIM - C:\Program Files\Extreme Messenger\ExtremeMessenger.exe
MSConfigStartUp-Google Desktop Search - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
MSConfigStartUp-HostManager - C:\Program Files\Common Files\AOL\1135483041\ee\AOLSoftware.exe
MSConfigStartUp-igndlm - C:\Program Files\IGN\Download Manager\DLM.exe
MSConfigStartUp-iSproggler - C:\Documents and Settings\Brenda Leigh\Desktop\iSproggler\iSproggler.exe
MSConfigStartUp-ISUSPM Startup - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
MSConfigStartUp-lphce6oj0e369 - C:\WINDOWS\system32\lphce6oj0e369.exe
MSConfigStartUp-My Web Search Bar Search Scope Monitor - C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
MSConfigStartUp-MySpaceIM - C:\Program Files\MySpace\IM\MySpaceIM.exe
MSConfigStartUp-MyWebSearch Email Plugin - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSConfigStartUp-MyWebSearch Plugin - C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL
MSConfigStartUp-OE_OEM - C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
MSConfigStartUp-pccguide - C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
MSConfigStartUp-QBReminderFlash - C:\Program Files\Intuit\QuickBooks 2005\Atom\QBReminder.exe
MSConfigStartUp-SDTray - C:\Program Files\Spyware Doctor\SDTrayApp.exe
MSConfigStartUp-SMrhca6oj0e369 - C:\Program Files\rhca6oj0e369\rhca6oj0e369.exe
MSConfigStartUp-Uniblue RegistryBooster 2 - C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
MSConfigStartUp-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
MSConfigStartUp-WeatherWatcher - C:\Program Files\Weather Watcher\ww.exe
MSConfigStartUp-Yahoo! Pager - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Brenda Leigh\Application Data\Mozilla\Firefox\Profiles\vgvcrxsh.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://mail.google.com/mail/#inbox
FF -: plugin - C:\Program Files\Google\Google Updater\2.2.1273.1045\npCIDetect12.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npff_gdm.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPinfotl.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPView22.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
FF -: plugin - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF -: plugin - C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF -: plugin - C:\Program Files\view22\version_4\NPView22.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-11 11:37:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\PSSdk23]
"ImagePath"="\??\C:\WINDOWS\system32\Drivers\PsSdk23.drv"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
.
**************************************************************************
.
Completion time: 2008-08-11 11:47:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-11 15:47:07
Pre-Run: 11,939,758,080 bytes free
Post-Run: 12,091,994,112 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
1265 --- E O F --- 2008-08-11 03:58:50