Page 5 of 14 FirstFirst 123456789 ... LastLast
Results 41 to 50 of 136

Thread: Can't run HJT

  1. #41
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Didn't seem to have any trouble running...YEA!

    Here's the combofix log - I had to put it in more than one post.


    ComboFix 09-09-02.02 - Mary 09/03/2009 8:54.1.1 - NTFSx86
    Running from: c:\documents and settings\Mary\Desktop\ComboFix3.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Mary\Application Data\EurekaLog
    c:\documents and settings\Mary\My Documents\ZbThumbnail.info
    c:\program files\Common
    c:\program files\Common\helper.sig
    c:\program files\GetModule
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\cup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\customer_cup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\heart.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\menu_down.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\menu_up.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\plates.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\ticket.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\accessories\tray.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\music\mainmenumusic.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_bring_check_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_diner.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_food_ready_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_gain_heart_1.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_pencil_write_2.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_rollover_1.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\audio\sfx\sfx_seat_people_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\choosedifficulty.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\credits.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\flo_lose.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\flo_win.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\help1.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\help2.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\highscores.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelintro.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelintro_mask.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelover.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\levelover_mask.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\mainmenu.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\popup.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\popup_mask.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\upgradegrid.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\upgradetitle.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\backgrounds\upsell.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowleft_blue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowleft_yellow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowright_blue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\arrowright_yellow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\back_blue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\back_yellow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backchalk.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backchalkup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backtomenu_blue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\backtomenu_yellow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\cancel.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\cancelup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\career.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\career_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\close.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\closeup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\continue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\continueover.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\credits_blue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\credits_yellow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\download_blue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\download_yellow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\easy.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\easy_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\endlessshift.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\endlessshift_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\hard.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\hard_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\help.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\help_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\highscores.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\highscores_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\instructions_blue.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\instructions_yellow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\letsplay.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\letsplayover.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\medium.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\medium_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\moreinfo.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\moreinfoup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\off.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\off_on.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\on.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\on_on.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\pause.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\pauseover.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quit.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quitgame.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quitgameover.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\quitover.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\resumegame.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\resumegameover.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\submit.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\submitup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\tryagain.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\tryagainover.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\upgrade_over.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\upgrade_up.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewglobal.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewglobalup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewhighscore.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewhighscoreon.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewlocal.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\buttons\viewlocalup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\comics\webcomic.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\career.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\customer.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\endless.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\global.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\config\powerups.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cook\cook.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cook\cook.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cook\stove.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\arrow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\click.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\click2.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\grab.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\cursor\open.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\blue\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\blue\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\blue\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\green\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\green\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\green\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\purple\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\purple\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\purple\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\red\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\red\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\red\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\yellow\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\yellow\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\old_male\yellow\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\blue\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\blue\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\blue\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\green\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\green\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\green\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\purple\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\purple\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\purple\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\red\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\red\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\red\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\yellow\anim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\yellow\anim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\customers\young_female\yellow\sit_legs.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\idle.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\idle.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\lower.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\lower.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\upper.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\flo\upper.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\fonts\arial.mvec
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\fonts\komikaaxis.mvec
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\chair.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\chair.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dirt2top.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dirt4top.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dishcart.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\dishcart.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\drinkstation_off.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\drinkstation_on1.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\drinkstation_on2.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\ticketstation.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\furniture\ticketstation.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowdown.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowdownon.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowleft.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowlefton.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowright.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowrighton.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\arrowupon.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\p1icon.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\textedit.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\hiscore\title.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1_a.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1_b.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_1_c.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_a.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_b.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_c.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_2_d.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_a.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_b.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_c.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\endless_1_3_d.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\fifth_level_diner.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\first_level_diner.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\fourth_level_diner.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\layouts\second_level_diner.txt
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\playfirst_logo.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\background.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food1.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food1.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food2.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food2.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food3.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\food\food3.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\frames\upgrade_0001.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\2top.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\2top.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\4top.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\tables\4top.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\diner\upgrades.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\restaurants\tableshadow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\choosedifficulty.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\chooseplayer.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\chooserestaurant.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\credits.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\game.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\gothighscore.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\help.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\help2.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\hiscore.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\hiscoreinfo.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\hiscoresubmit.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\levelintro.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\levelover.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\loading.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\mainloop.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\mainmenu.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\ok.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\pause.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\style.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\tutorialintro.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\upgrade.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\upsell.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\webcomic.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\scripts\yesno.lua
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\splash\aol_logo.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\splash\gamelabsplash.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\splash\playfirst_logo.jpg
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\strings.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\angersmoke.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\angersmoke.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\chairflags.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\chairflags.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\check.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\checkmark.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\clock.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\closed.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\closingtime.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\coinflip.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\coinflip.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\dollar.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\doodles\coffee.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\doodles\tables.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\doodles\wallpaper.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\expert.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\expertscore.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\foodpoof.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\foodpoof.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\fork_timer.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\goalcompleted.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\heartgrow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\heartgrow.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\jar.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\jar.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\level.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\level_career.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\score.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\sound.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\staroff.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\staron.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tablenumber.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tablenumberup.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\traynumber.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tutorial_character.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tutorialarrow.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\tutorialbox.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgradeanim.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgradeanim.xml
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\drinks.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\maitred.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\oven.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\select.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\shoes.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\stereo.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\assets\ui\upgrades\table.png
    c:\windows\Downloaded Program Files\DinerDash.1.0.0.89\dinerdash.exe

  2. #42
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    combofix log continued:


    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\dirty_dishes.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\foodtray.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart2.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\heart3.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\menu_down.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\menu_up.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\mop_prop.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\accessories\ticket.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a1.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a2.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a3.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\cafe\cafe_music_a4.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\music\mainmenumusic.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\baby_cry.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\chef_cook1.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\closing_time.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\customer_ditch.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\dialog_down.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\dialog_up.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\drink_table.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\expert.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\highchair_deliver.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\highchair_pickup.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\keystroke2.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\level_lose.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\level_win.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\menu_click.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\menu_rollover.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\mop_pickup.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\mop_spill.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_bring_check_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_dropoff_drinks_1.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_food_ready_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_gain_heart_1.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_menu_down.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_pencil_write_2.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\sfx_seat_people_snd.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\spill.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\table_drink.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\audio\sfx\tip_2.ogg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\flo_lose.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\flo_win.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\fullscreendialog.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\high_score_menu_bg.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelintro.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelintro.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\levelover.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\longdialog.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\longdialog.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\mainmenu.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\mainmenu_logo.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\popup.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\popup.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\textfield.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\backgrounds\upgrade_lines.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowdown_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\arrowup_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_rotated_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\checkbox_rotated_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_highlight.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_normal.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\decor_selected.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_2.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_large_3.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_2.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a_small_3.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a2.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\dialog_button_a3.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\left_arrow_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button1_mask.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\main_menu_button2_mask.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\map_button_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\right_arrow_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_down.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_over.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\upgrade_up.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\buttons\welcome_player.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\actionpoints.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\career.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\customer.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\endless.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\global.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\config\powerups.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cook\stove.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\arrow.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\click.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\click2.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\grab.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\cursor\open.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\anim.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\anim.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\blue.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\blue_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\legs.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\red.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\dad_male\red_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\anim.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\anim.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\blue.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\blue_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\legs.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\red.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\kid_male\red_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\anim.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\anim.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\baby.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\baby.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue_baby.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\blue_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\legs.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red_baby.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\mom_female\red_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\anim.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\anim.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\blue.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\blue_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\legs.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\red.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\customers\young_female\red_legs.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\idle.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\idle.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\lower.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\lower.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\upper.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\flo\upper.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\fonts\mercurius.mvec
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\bench.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\bench.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\blue_highchairbaby.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\chair.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\chair.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dirt2top.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dirt4top.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dishcart.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\dishcart.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\green_highchairbaby.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchair_prop_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchair_prop_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchairbaby.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\highchairbaby.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\luxury_bench.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\luxury_bench.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\mop_station_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium_heart.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\podium_heart.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\purple_highchairbaby.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\radio.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\red_highchairbaby.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\spill.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\spill.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\stereo.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\ticketstation.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\ticketstation.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\furniture\yellow_highchairbaby.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\family.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help_dividerline.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_colormatch1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_colormatch2.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_noise.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help1_score.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_cleardishes.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_givecheck.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_pickupfood.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_servefood.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\help\help2_takeorder.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\hiscore\local-hs-bb.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\hiscore\p1icon.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_1.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_2.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_3.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_4.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_5.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\career_1_6.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_a.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_b.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\layouts\endless_1_1_c.bin
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\playfirstlogo.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\background.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\blue.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\green.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\green.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\grey.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\chairs\red.pal
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\cup1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\food.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\food\food.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\frames\2_0.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\frames\2_1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\furniture\drinkstation1_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\people\cook.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\people\cook.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\props\cup_prop1.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\2top.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\2top.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\4top.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\tables\4top.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\cafe\upgrades.xml
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\restaurants\tableshadow.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\careerupgrade.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\choosedifficulty.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\closeconfirm.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\entername.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\game.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\getmoregames.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\help1.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\help2.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscore.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscoreinfo.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\hiscoresubmit.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\levelintro.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\levelover.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\loading.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\mainloop.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\mainmenu.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\ok.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\pause.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\style.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\upgrade.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\upsell.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\scripts\yesno.lua
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\splash\aol_logo.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\splash\playfirst_logo.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\strings.xml
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\angersmoke.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\angersmoke.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_bubble.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_mop.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\bubbles\request_rejectmeal.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\chairflags.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\chairflags.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\check.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\checkmark.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\closed.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\coinflip.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\coinflip.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\decor_lines.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\dollar.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\expert.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\foodpoof.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\foodpoof.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\heartgrow.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\heartgrow.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\jar.anm
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\jar.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\lives_icon.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\noisering.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_d.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_e.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\notes\music_boost_f.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tablenumber_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tablenumber_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\traynumber.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tutorialarrow.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\tutorialbox.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_base.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_hand.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_timer_off.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\ui_timer_on.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgradeanim.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_bench_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_drink_station1_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_luxury_bench_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_oven_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_podium_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_powerbars_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_radio_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_stereo_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_a.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_b.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\ui\upgrades\icon_table_c.png
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd1.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd2.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd3.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\assets\upsell\dd4.jpg
    c:\windows\Downloaded Program Files\DinerDash2.1.0.0.55\dinerdash2.exe
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\music\mainmenumusic.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\areabomb.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\beetlezap.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bonusrow.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bonustimer.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bucketfilled.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\clearpyramid.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1a.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1b.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1c.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2a.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2b.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2c.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\colorchain.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\dialogbox.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\drumbeat.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\fillrow.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\gateopen.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\helptip.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\powerup.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\rotateboardleft.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\timerup.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\warning.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\warning2.ogg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\artifacts-bb.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\bar.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\chamber0.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\chamber1.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\circledoor.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\full_screen_dialog.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\global-hs-bb_large.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\global-hs-bb_small.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\help-bb_large.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\help-bb_small.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\hexfield.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\hidden-artifact_icon.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\large_dialog.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\local-hs-bb.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\mainmenu.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\small_dialog.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\textfield.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\backgrounds\trifield.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetlehover4.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetleshock4.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\beetletatoo.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\dirt.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\scarabpost.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\scarabpostovr.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\beetles\tritop.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowdown_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowdown_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowdown_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowleft_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowleft_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowleft_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowright_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowright_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowright_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowup_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowup_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\arrowup_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowleft_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowleft_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowleft_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowright_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowright_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\bluearrowright_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\checkdown.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\checkup.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\long_button_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\long_button_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\long_button_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\orange-button_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\orange-button_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\orange-button_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotleft_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotleft_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotleft_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotright_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotright_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\rotright_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\simplebutton_down.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\simplebutton_over.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\simplebutton_up.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\sliderknob.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\sliderknobover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\buttons\sliderrail.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\characters\anwar\look\pl0001.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\characters\bast\look\bl0001.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\characters\kristine\look\kl0001.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\crackedstopper.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\cursor.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\doorlights.txt
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\fonts\jackarmstrong.mvec
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\fonts\lithos.mvec
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\greybomb.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\helptips\arrowkeys.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\helptips\helptip.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\levels\levels.dat
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\disk.mesh
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\equilateraltriangle.mesh
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\flattri.mesh
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\pyramid.mesh
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\quad.mesh
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\rotatingpyramid.mesh
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\models\scarabpanel.mesh
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\p1icon.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\page1-0.xml
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\page1-1.xml
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\panel1-0-1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scenes\panel1-1-1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\scorecloud.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\setup.xml
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\areashockwave.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_4.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_starter.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\bolt_tail.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\flash.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\rubble.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\smoke.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\smoke2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\sfx\smoke3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\splash\playfirst_logo.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue0\snake_dirty.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue1\arm01_dirty.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue1\mask01_1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\statues\statue1\statue01_dirty.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\stopper.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\timer.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\timerglow.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\timericon.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\tm.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseblue1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseblue2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseblue3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousegreen1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousegreen2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousegreen3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousered1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousered2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mousered3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseyellow1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseyellow2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\trails\mouseyellow3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\areabomb.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\areabombrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\blue.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\bluerollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\boardfill.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\brick3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\bricktip.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared4.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared5.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\clearanim\cleared6.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye1.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye2.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye3.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\eye4.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\green.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\greenrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-blue.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-bluerollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-green.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-greenrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-red.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-redrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-yellow.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\plain_tri-yellowrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\red.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\redrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\wild.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\wildrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\yellow.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\triangles\yellowrollover.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image0.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image1.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image2.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\upsell\image3.jpg
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\bluebucket.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\buckettriangle.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\chainlink.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\chaintip.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\genericbucket.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\greenbucket.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\redbucket.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallblue.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallgreen.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallred.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\smallyellow.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\urnglow.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\urnplatform.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\urns\yellowbucket.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\warning.png
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\error.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\game.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\gameover.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\hiscore.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\hiscoreinfo.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\hiscoresubmit.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\instructions.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\leveldesign.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\levelover.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\mainarcade.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\mainconfirm.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\maincontinue.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\maingames.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\mainpuzzle.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\maphelptip.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\options.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\pause.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\quitconfirm.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\start.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\storyplayer.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\style.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\screens\upsell.lua
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\strings.xml
    c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\TriJinx.exe
    c:\windows\Fonts\HELSM___.TTF
    c:\windows\Fonts\INK2METR.TTF
    c:\windows\Fonts\OPUSM___.TTF
    c:\windows\Installer\3759abb.msi
    c:\windows\Installer\75aa1.msp
    c:\windows\MailSwitch.ocx
    c:\windows\smdat32m.sys
    c:\windows\system32\Data
    c:\windows\system32\Data\Dump.ini
    c:\windows\wiaserviv.log

  3. #43
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    combofix continued:



    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
    -------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}


    ((((((((((((((((((((((((( Files Created from 2009-08-03 to 2009-09-03 )))))))))))))))))))))))))))))))
    .

    2009-08-28 17:34 . 2009-08-28 17:34 -------- d-----w- c:\program files\Trend Micro
    2009-08-10 14:57 . 2009-08-10 14:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Citrix
    2009-08-10 14:53 . 2009-08-10 14:53 -------- d-----w- c:\program files\Citrix
    2009-08-10 14:52 . 2009-08-10 14:52 -------- d-----w- c:\documents and settings\Mary\Local Settings\Application Data\Citrix
    2009-08-10 14:52 . 2009-08-10 14:52 61224 ----a-w- c:\documents and settings\Mary\GoToAssistDownloadHelper.exe
    2009-08-10 12:11 . 2009-09-02 21:29 -------- d-----w- c:\program files\Spybot - Search & Destroy162-8-10-2009
    2009-08-07 06:35 . 2009-08-07 06:35 -------- d-----w- c:\windows\system32\XPSViewer
    2009-08-07 06:34 . 2009-08-07 06:34 -------- d-----w- c:\program files\MSBuild
    2009-08-07 06:34 . 2009-08-07 06:34 -------- d-----w- c:\program files\Reference Assemblies
    2009-08-07 06:33 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-08-07 06:33 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2009-08-07 06:33 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-08-07 06:33 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2009-08-07 06:33 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-08-07 06:33 . 2009-08-07 06:34 -------- d-----w- C:\6ac41002c281cabaddbad3
    2009-08-07 06:33 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2009-08-07 06:33 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
    2009-08-07 06:27 . 2009-08-07 06:27 -------- d-----w- c:\program files\MSXML 6.0
    2009-08-07 02:24 . 2009-08-07 02:24 -------- d--h--w- c:\windows\system32\GroupPolicy
    2009-08-05 14:35 . 2009-08-05 14:35 -------- d-----w- c:\documents and settings\Mary\Application Data\BitZipper
    2009-08-05 14:35 . 2009-08-05 14:36 -------- d-----w- c:\program files\BitZipper
    2009-08-04 22:02 . 2009-09-03 13:54 -------- d-----w- c:\windows\system32\CatRoot

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-09-03 01:34 . 2009-02-10 14:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-08-30 23:02 . 2007-01-17 14:12 -------- d-----w- c:\program files\McAfee
    2009-08-13 18:21 . 2008-11-09 03:28 -------- d-----w- c:\program files\Hawaiian Explorer Pearl Harbor
    2009-08-12 22:21 . 2008-11-09 03:30 -------- d-----w- c:\program files\Hidden Expedition Titanic
    2009-08-10 11:40 . 2009-07-22 05:12 -------- d-----w- c:\program files\Marysafetynet1
    2009-08-05 09:11 . 2002-12-12 05:14 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-30 15:03 . 2009-02-10 14:36 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2009-07-25 18:27 . 2009-07-21 17:03 -------- d-----w- c:\documents and settings\Mary\Application Data\U3
    2009-07-25 17:13 . 2009-07-24 14:25 -------- d-----w- c:\program files\fixthisthing
    2009-07-22 23:33 . 2009-07-22 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2009-07-22 23:32 . 2009-07-22 21:49 -------- d-----w- c:\program files\NOS
    2009-07-22 21:59 . 2003-07-28 18:20 -------- d-----w- c:\program files\Common Files\Adobe
    2009-07-22 21:53 . 2009-07-22 21:53 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2009-07-17 22:54 . 2009-07-17 22:54 -------- d-----w- c:\documents and settings\Mary\Application Data\McAfee
    2009-07-17 22:54 . 2007-01-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
    2009-07-14 04:43 . 2004-08-04 07:56 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    2009-07-11 13:20 . 2007-04-10 16:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
    2009-06-16 14:55 . 2002-08-29 10:00 82432 ----a-w- c:\windows\system32\fontsub.dll
    2009-06-16 14:55 . 2002-08-29 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-06-12 11:50 . 2002-08-29 10:00 80896 ----a-w- c:\windows\system32\tlntsess.exe
    2009-06-12 11:50 . 2002-08-29 10:00 76288 ----a-w- c:\windows\system32\telnet.exe
    .

    ------- Sigcheck -------

    [-] 2002-08-29 10:00 12800 0F7D9C87B0CE1FA520473119752C6F79 c:\windows\$NtServicePackUninstall$\svchost.exe
    [-] 2004-08-04 07:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\ServicePackFiles\i386\svchost.exe
    [-] 2008-04-14 00:12 14336 27C6D03BCDB8CFEB96B716F3D8BE3E18 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
    [-] 2004-08-04 07:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\SYSTEM32\svchost.exe
    [-] 2004-08-04 07:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\SYSTEM32\DLLCACHE\svchost.exe

    [-] 2005-03-02 18:19 577024 1800F293BCCC8EDE8A70E12B88D80036 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
    [-] 2007-03-08 15:48 578048 7AA4F6C00405DFC4B70ED4214E7D687B c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
    [-] 2004-06-17 17:58 560128 31FB2D788A9AA618452C02E8375B6DCD c:\windows\$NtServicePackUninstall$\user32.dll
    [-] 2002-11-01 20:26 528896 68E1F4EF02DF52CA9C5E157045D23582 c:\windows\$NtUninstallKB824141$\user32.dll
    [-] 2003-09-25 16:49 560128 32173306185F603E75C477E117F3BB8D c:\windows\$NtUninstallKB840987$\user32.dll
    [-] 2004-08-04 07:56 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\$NtUninstallKB890859$\user32.dll
    [-] 2005-03-02 18:09 577024 DE2DB164BBB35DB061AF0997E4499054 c:\windows\$NtUninstallKB925902$\user32.dll
    [-] 2002-08-29 10:00 560128 DD9269230C21EE8FB7FD3FCCC3B1CFCB c:\windows\$NtUninstallQ328310$\user32.dll
    [-] 2004-08-04 07:56 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\ServicePackFiles\i386\user32.dll
    [-] 2008-04-14 00:12 578560 B26B135FF1B9F60C9388B4A7D16F600B c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\user32.dll
    [-] 2007-03-08 15:36 577536 B409909F6E2E8A7067076ED748ABF1E7 c:\windows\SYSTEM32\user32.dll
    [-] 2007-03-08 15:36 577536 B409909F6E2E8A7067076ED748ABF1E7 c:\windows\SYSTEM32\DLLCACHE\user32.dll

    [-] 2002-08-29 10:00 75264 8529C295DF59B564D37A73B5629162B1 c:\windows\$NtServicePackUninstall$\ws2_32.dll
    [-] 2004-08-04 07:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2008-04-14 00:12 82432 2CCC474EB85CEAA3E1FA1726580A3E5A c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll
    [-] 2004-08-04 07:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\SYSTEM32\ws2_32.dll
    [-] 2004-08-04 07:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\SYSTEM32\DLLCACHE\ws2_32.dll

    [-] 2004-09-29 18:27 656896 2C07195588D69A067C2AFDAA31759295 c:\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll
    [-] 2005-01-27 17:08 657920 A8EAC5330876548E9966A7D13025D196 c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
    [-] 2005-05-02 20:57 658944 E1E18136F9DD3DF1AD9C82193A5898A6 c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
    [-] 2005-03-10 07:43 657920 C8663B488996E89A84C3D17C1D12B79E c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll
    [-] 2005-09-02 23:53 660480 97A6FD7CAFD688CF2C78939EBAF0CD0C c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
    [-] 2005-07-03 02:09 659456 6E533D155B259EB2363D3E04B5BE309F c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
    [-] 2005-10-21 03:38 661504 AF785C4947676A7FC1673FDC5C8D0B5B c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
    [-] 2006-03-04 03:58 663552 C0845ECBF4F9164E618EE381B79C9032 c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
    [-] 2006-05-10 05:25 663552 D94CFFDB53E7AC867438E2DFD50E7CBC c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
    [-] 2006-06-23 11:25 664576 64CE26DB72810B30F7855EA51E1DF836 c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
    [-] 2006-09-14 08:31 664576 D207370287CF769AEBEBF03837784963 c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll
    [-] 2007-12-07 02:01 825344 B5B411BB229AE6EAD7652A32ED47BFB9 c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
    [-] 2008-03-01 13:03 827392 6316C2F0C61271C8ABDFF7429174879E c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
    [-] 2008-04-21 06:44 666112 2B0C24AA747A93A28987B6D65A4A74BC c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll
    [-] 2008-04-21 06:24 666624 26F240C250E5B4B395CB4B178BA75437 c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll
    [-] 2008-04-23 03:35 827392 41546B396A526918DA7995A02EA04E51 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
    [-] 2008-06-23 16:01 827904 C66402A06B83B036C195242C0C8CF83C c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
    [-] 2008-08-26 09:08 827904 77C192FE56A70D7FA0247BA0A6201C32 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
    [-] 2008-10-16 20:24 827904 0D5B75171FF51775B630A431B6C667E8 c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
    [-] 2008-12-20 23:56 827904 044E0A4E9FE97C0FB9AFE9C89E2A82E6 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
    [-] 2009-03-03 00:17 828416 C8667854873938CA13C986F16B0CD183 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
    [-] 2009-04-29 04:49 828928 62CCA075F44015147B8971DAFFBCFF76 c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
    [-] 2004-08-24 01:32 589312 01893ED35886AFF539B58A025736F7ED c:\windows\$NtServicePackUninstall$\wininet.dll
    [-] 2004-08-04 07:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\$NtUninstallKB834707$\wininet.dll
    [-] 2004-02-06 23:05 588288 4F64D1DF989E3AA2FAD91A2F1167B9C7 c:\windows\$NtUninstallKB834707-IE6SP1-20040929.091901$\wininet.dll
    [-] 2004-09-29 18:47 656896 CBA65B573C66FE23F647FF96E3A10994 c:\windows\$NtUninstallKB867282$\wininet.dll
    [-] 2005-03-10 08:02 656896 6F018D6319BE4F96426EA829B79E05D5 c:\windows\$NtUninstallKB883939$\wininet.dll
    [-] 2005-01-27 17:13 656896 B5E043E440B210014E021B24CF0A72E3 c:\windows\$NtUninstallKB890923$\wininet.dll
    [-] 2005-07-03 02:11 658432 5B5FF992C0FA762CCF8655FC290E6E52 c:\windows\$NtUninstallKB896688$\wininet.dll
    [-] 2005-05-02 20:52 657920 1A078AF3F85D10BA56444C23B3A18E74 c:\windows\$NtUninstallKB896727$\wininet.dll
    [-] 2005-09-02 23:52 658432 AF61EBB1F550175EFF406D545D6AB086 c:\windows\$NtUninstallKB905915$\wininet.dll
    [-] 2005-10-21 03:39 658432 E7B27B6B6E06CE34EA019FD8B858C613 c:\windows\$NtUninstallKB912812$\wininet.dll
    [-] 2006-03-04 03:33 658432 1C0979C7A489BEE573CD0BF4AD94BB06 c:\windows\$NtUninstallKB916281$\wininet.dll
    [-] 2006-05-10 05:23 658432 38AB7A56F566D9AAAD31812494944824 c:\windows\$NtUninstallKB918899$\wininet.dll
    [-] 2006-06-23 11:02 658944 2B4DB890936430C71419037039502752 c:\windows\$NtUninstallKB922760$\wininet.dll
    [-] 2006-09-14 08:39 658944 621AF3F6174A3F60677F5230E28BCC07 c:\windows\$NtUninstallKB925454$\wininet.dll
    [-] 2006-10-23 15:34 664576 231EF4179ACABE486376B5CA893F1076 c:\windows\$NtUninstallKB928090$\wininet.dll
    [-] 2007-01-04 14:05 665088 3FFA1573FC274E5AA7467D03941C45EE c:\windows\$NtUninstallKB931768$\wininet.dll
    [-] 2007-02-20 09:52 665600 B258C922D22DEEC880B60720531D7627 c:\windows\$NtUninstallKB933566$\wininet.dll
    [-] 2007-04-18 12:46 665600 4261BA03AFD659DE04F0A17DFBDD454D c:\windows\$NtUninstallKB937143$\wininet.dll
    [-] 2007-06-26 14:35 665600 E1A3DD68B5380B360A7310A64D9BB188 c:\windows\$NtUninstallKB939653$\wininet.dll
    [-] 2007-08-22 12:55 665600 A1BC17EB3758D73C3938B2318820F5B4 c:\windows\$NtUninstallKB942615$\wininet.dll
    [-] 2007-10-11 05:57 666112 80D660A49E0D118144423099B2A9F5DA c:\windows\$NtUninstallKB944533$\wininet.dll
    [-] 2007-12-07 00:44 666112 085A7C37F9C6EDE1BA870B7DBEC06399 c:\windows\$NtUninstallKB947864$\wininet.dll
    [-] 2008-02-16 09:32 666112 BB1EACD6AB47E78EBCA02EB781550D55 c:\windows\$NtUninstallKB950759$\wininet.dll
    [-] 2008-04-21 06:56 666624 2E7DE1BF9418B071799EB53DE8CC22F5 c:\windows\ie7\wininet.dll
    [-] 2007-08-13 23:54 818688 A4A0FC92358F39538A6494C42EF99FE9 c:\windows\ie7updates\KB944533-IE7\wininet.dll
    [-] 2007-12-07 02:21 824832 806D274C9A6C3AAEA5EAE8E4AF841E04 c:\windows\ie7updates\KB947864-IE7\wininet.dll
    [-] 2008-03-01 13:06 826368 AD21461AEF8244EDEC2EF18E55E1DCF3 c:\windows\ie7updates\KB950759-IE7\wininet.dll
    [-] 2008-04-23 04:16 826368 F6589BE784647CFDBC22EA51CCB1A57A c:\windows\ie7updates\KB953838-IE7\wininet.dll
    [-] 2008-06-23 16:57 826368 8C13D4A7479FA0A026EDA8ABCE82C0ED c:\windows\ie7updates\KB956390-IE7\wininet.dll
    [-] 2008-08-26 07:24 826368 EF8EBA98145BFA44E80D17A3B3453300 c:\windows\ie7updates\KB958215-IE7\wininet.dll
    [-] 2008-10-16 20:38 826368 6741EAF7B7F110E803A6E38F6E5FA6B0 c:\windows\ie7updates\KB961260-IE7\wininet.dll
    [-] 2008-12-20 23:15 826368 A82935D32D0672E8FF4E91AE398E901C c:\windows\ie7updates\KB963027-IE7\wininet.dll
    [-] 2009-03-03 00:18 826368 28775945CCD53DEE280EF58DEA1A94C4 c:\windows\ie7updates\KB969897-IE7\wininet.dll
    [-] 2004-08-04 07:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2008-03-01 13:06 826368 AD21461AEF8244EDEC2EF18E55E1DCF3 c:\windows\SoftwareDistribution\Download\574548bb1821009dfc939b99bf38919d\SP2GDR\wininet.dll
    [-] 2008-03-01 13:03 827392 6316C2F0C61271C8ABDFF7429174879E c:\windows\SoftwareDistribution\Download\574548bb1821009dfc939b99bf38919d\SP2QFE\wininet.dll
    [-] 2008-04-23 04:16 826368 F6589BE784647CFDBC22EA51CCB1A57A c:\windows\SoftwareDistribution\Download\b3bf74f55136e7636e609c29522f7318\SP2GDR\wininet.dll
    [-] 2008-04-23 03:35 827392 41546B396A526918DA7995A02EA04E51 c:\windows\SoftwareDistribution\Download\b3bf74f55136e7636e609c29522f7318\SP2QFE\wininet.dll
    [-] 2009-06-29 16:12 827392 A39B7BA7AB9B1CC2A0009F59772DB83C c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\wininet.dll
    [-] 2009-06-29 16:23 828928 4C6B4138165A4C53FE8A5B1D809526C3 c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\wininet.dll
    [-] 2008-04-14 00:12 666112 7A4F775ABB2F1C97DEF3E73AFA2FAEDD c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wininet.dll
    [-] 2007-12-07 02:21 824832 806D274C9A6C3AAEA5EAE8E4AF841E04 c:\windows\SoftwareDistribution\Download\e5a204b08ee9dd0f7a20547e61486b27\SP2GDR\wininet.dll
    [-] 2007-12-07 02:01 825344 B5B411BB229AE6EAD7652A32ED47BFB9 c:\windows\SoftwareDistribution\Download\e5a204b08ee9dd0f7a20547e61486b27\SP2QFE\wininet.dll
    [-] 2009-04-29 04:56 827392 8E2D471157B0DF329D8D0EA5D83B0DDB c:\windows\SYSTEM32\wininet.dll
    [-] 2009-04-29 04:56 827392 8E2D471157B0DF329D8D0EA5D83B0DDB c:\windows\SYSTEM32\DLLCACHE\wininet.dll

    [-] 2005-05-25 19:07 359936 63FDFEA54EB53DE2D863EE454937CE1E c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
    [-] 2006-01-13 17:07 360448 5562CC0A47B2AEF06D3417B733F3C195 c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
    [-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
    [-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
    [-] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    [-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    [-] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [-] 2002-08-29 10:00 332928 244A2F9816BC9B593957281EF577D976 c:\windows\$NtServicePackUninstall$\tcpip.sys
    [-] 2004-08-04 06:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB893066$\tcpip.sys
    [-] 2005-05-25 19:04 359808 88763A98A4C26C409741B4AA162720C9 c:\windows\$NtUninstallKB913446$\tcpip.sys
    [-] 2006-01-13 02:28 359808 583E063FDC888CA30D05C2724B0D7EF4 c:\windows\$NtUninstallKB917953$\tcpip.sys
    [-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
    [-] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748$\tcpip.sys
    [-] 2004-08-04 06:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\ServicePackFiles\i386\tcpip.sys
    [-] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
    [-] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
    [-] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\SYSTEM32\DRIVERS\tcpip.sys

    [-] 2004-05-27 01:38 483328 E7F9D2E4E4A94A6F58014E5FFA16A65E c:\windows\$NtServicePackUninstall$\winlogon.exe
    [-] 2002-08-29 10:00 516608 2246D8D8F4714A2CEDB21AB9B1849ABB c:\windows\$NtUninstallKB840987$\winlogon.exe
    [-] 2004-08-04 07:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\ServicePackFiles\i386\winlogon.exe
    [-] 2008-04-14 00:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
    [-] 2004-08-04 07:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\SYSTEM32\winlogon.exe
    [-] 2004-08-04 07:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\SYSTEM32\DLLCACHE\winlogon.exe

    [-] 2003-03-06 15:30 162432 09B38768036508B51564201AFB000950 c:\windows\$NtServicePackUninstall$\ndis.sys
    [-] 2004-08-04 06:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\ServicePackFiles\i386\ndis.sys
    [-] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys
    [-] 2004-08-04 06:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\SYSTEM32\DLLCACHE\ndis.sys
    [-] 2004-08-04 06:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\SYSTEM32\DRIVERS\ndis.sys

    [-] 2004-08-04 06:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\ServicePackFiles\i386\ip6fw.sys
    [-] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ip6fw.sys
    [-] 2004-08-04 06:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\SYSTEM32\DLLCACHE\ip6fw.sys
    [-] 2004-08-04 06:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\SYSTEM32\DRIVERS\ip6fw.sys

    [-] 2005-03-02 00:36 2056832 D8ABA3EAB509627E707A3B14F00FBB6B c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
    [-] 2006-12-19 16:12 2059392 BA4B97C00A437C1CC3DA365D93EE1E9D c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
    [-] 2007-02-28 09:15 2059392 4D3DBDCCBF97F5BA1E74F322B155C3BA c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
    [-] 2009-02-06 09:49 2062976 9D832AF3FD1917DB0E1E8B2F000A2E3A c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
    [-] 2009-02-08 00:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
    [-] 2009-02-06 10:30 2066176 607352B9CB3D708C67F6039097801B5A c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
    [-] 2008-08-14 09:18 2062976 63EC865DFF6CCFC7BEF94B5C50297CAD c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
    [-] 2008-08-14 09:33 2066048 4AC58F03EB94A72809949D757FC39D80 c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
    [-] 2008-08-14 20:39 2066048 A25E9B86EFFB2AF33BF51E676B68BFB0 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
    [-] 2004-06-17 08:03 1954688 ED0D7A5F1138CCFD3ECAF8F6AC691F13 c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
    [-] 2003-04-24 13:57 1949440 46AE6F2D416C39FFDCFC8BCB01203EA3 c:\windows\$NtUninstallKB840987$\ntkrnlpa.exe
    [-] 2004-08-04 05:58 2056832 947FB1D86D14AFCFFDB54BF837EC25D0 c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
    [-] 2005-03-02 00:34 2056832 81013F36B21C7F72CF784CC6731E0002 c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
    [-] 2006-12-19 12:55 2057600 1D659BFB788ED2BA45075624B748D249 c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
    [-] 2008-08-14 09:22 2057728 BA002228743B6824D87F0551DBC86D45 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
    [-] 2007-02-28 08:38 2057600 515D30E2C90A3665A2739309334C9283 c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
    [-] 2002-08-29 06:04 1947904 0E8EFB15746878A9B256E75267337233 c:\windows\$NtUninstallQ811493$\ntkrnlpa.exe
    [-] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\Driver Cache\I386\ntkrnlpa.exe
    [-] 2004-08-04 05:58 2056832 947FB1D86D14AFCFFDB54BF837EC25D0 c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
    [-] 2008-04-13 18:31 2065792 109F8E3E3C82E337BB71B6BC9B895D61 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntkrnlpa.exe
    [-] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\SYSTEM32\ntkrnlpa.exe
    [-] 2009-02-06 16:49 2057728 3006410E24772CC6953F0B5C01BEB35F c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe

    [-] 2005-03-02 01:04 2179456 28187802B7C368C0D3AEF7D4C382AABB c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
    [-] 2006-12-19 16:51 2182016 CEF243F6DEFD20BE4ADDE26C7ECACB54 c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
    [-] 2007-02-28 09:55 2182144 5A5C8DB4AA962C714C8371FBDF189FC9 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
    [-] 2009-02-06 10:32 2186112 6A936E9D7BADAF3CAAEED1E1966EC1B0 c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
    [-] 2009-02-06 11:08 2189056 7A95B10A73737EBF24139AAA63F5212B c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
    [-] 2009-02-08 00:35 2189184 EFE8EACE83EAAD5849A7A548FB75B584 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
    [-] 2008-08-14 09:57 2185984 CE69DBD54221F2D40E49FF6DB77C6507 c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
    [-] 2008-08-14 10:11 2189184 EEAF32F8E15A24F62BECB1BD403BB5C5 c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
    [-] 2008-08-14 21:11 2189184 31914172342BFF330063F343AC6958FE c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
    [-] 2004-06-17 17:22 2051584 F240DC474F8EDB2D95514D831DF069E5 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
    [-] 2003-04-24 13:57 1925760 97EC4AB4650DA6FC521CF16F8A6DDCB0 c:\windows\$NtUninstallKB840987$\ntoskrnl.exe
    [-] 2004-08-04 06:19 2180992 CE218BC7088681FAA06633E218596CA7 c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
    [-] 2005-03-02 00:59 2179328 4D4CF2C14550A4B7718E94A6E581856E c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
    [-] 2006-12-19 14:17 2180352 8F0DEAB1F81FB83F9C5995853CE48B9F c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
    [-] 2008-08-14 10:00 2180352 21C91DA9CB53AA8A37041BA9684A8458 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
    [-] 2007-02-28 09:10 2180352 582A8DBAA58C3B1F176EB2817DAEE77C c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
    [-] 2002-08-29 07:03 2042240 B9080D97DBD631AADF9128F7316958D2 c:\windows\$NtUninstallQ811493$\ntoskrnl.exe
    [-] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\Driver Cache\I386\ntoskrnl.exe
    [-] 2004-08-04 06:19 2180992 CE218BC7088681FAA06633E218596CA7 c:\windows\ServicePackFiles\i386\ntoskrnl.exe
    [-] 2008-04-13 19:27 2188928 0C89243C7C3EE199B96FCC16990E0679 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntoskrnl.exe
    [-] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\SYSTEM32\ntoskrnl.exe
    [-] 2009-02-06 17:24 2180480 FACEBB0CA3154F77009CDFEE78A00BBB c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe

    [-] 2007-06-13 10:23 1033216 97BD6515465659FF8F3B7BE375B2EA87 c:\windows\explorer.exe
    [-] 2007-06-13 11:26 1033216 7712DF0CDDE3A5AC89843E61CD5B3658 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
    [-] 2002-08-29 10:00 1004032 A82B28BFC2E4455FE43022A498C0EF0A c:\windows\$NtServicePackUninstall$\explorer.exe
    [-] 2004-08-04 07:56 1032192 A0732187050030AE399B241436565E64 c:\windows\$NtUninstallKB938828$\explorer.exe
    [-] 2004-08-04 07:56 1032192 A0732187050030AE399B241436565E64 c:\windows\ServicePackFiles\i386\explorer.exe
    [-] 2008-04-14 00:12 1033728 12896823FB95BFB3DC9B46BCAEDC9923 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
    [-] 2007-06-13 10:23 1033216 97BD6515465659FF8F3B7BE375B2EA87 c:\windows\SYSTEM32\DLLCACHE\explorer.exe

    [-] 2009-02-06 10:22 110592 4712531AB7A01B7EE059853CA17D39BD c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
    [-] 2009-02-06 11:11 110592 65DF52F5B8B6E9BBD183505225C37315 c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
    [-] 2009-02-06 11:06 110592 020CEAAEDC8EB655B6506B8C70D53BB6 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [-] 2002-08-29 10:00 101376 E3DF4A0252D287C44606EE55355E1623 c:\windows\$NtServicePackUninstall$\services.exe
    [-] 2004-08-04 07:56 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\$NtUninstallKB956572$\services.exe
    [-] 2004-08-04 07:56 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\ServicePackFiles\i386\services.exe
    [-] 2008-04-14 00:12 108544 0E776ED5F7CC9F94299E70461B7B8185 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
    [-] 2009-02-06 17:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\SYSTEM32\services.exe
    [-] 2009-02-06 17:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\SYSTEM32\DLLCACHE\services.exe

    [-] 2002-08-29 10:00 11776 B2B6BA905D0E3F8A32A0EB3B4051807B c:\windows\$NtServicePackUninstall$\lsass.exe
    [-] 2004-08-04 07:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\ServicePackFiles\i386\lsass.exe
    [-] 2008-04-14 00:12 13312 BF2466B3E18E970D8A976FB95FC1CA85 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe
    [-] 2004-08-04 07:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\SYSTEM32\lsass.exe
    [-] 2004-08-04 07:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\SYSTEM32\DLLCACHE\lsass.exe

    [-] 2002-08-29 10:00 13312 414DE7CF9D3F19C3EA902F1BB38EC116 c:\windows\$NtServicePackUninstall$\ctfmon.exe
    [-] 2004-08-04 07:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\ServicePackFiles\i386\ctfmon.exe
    [-] 2008-04-14 00:12 15360 5F1D5F88303D4A4DBC8E5F97BA967CC3 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ctfmon.exe
    [-] 2004-08-04 07:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\SYSTEM32\ctfmon.exe
    [-] 2004-08-04 07:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\SYSTEM32\DLLCACHE\ctfmon.exe

    [-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
    [-] 2002-08-29 10:00 51200 9B4155BA58192D4073082B8FC5D42612 c:\windows\$NtServicePackUninstall$\spoolsv.exe
    [-] 2004-08-04 07:56 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\$NtUninstallKB896423$\spoolsv.exe
    [-] 2004-08-04 07:56 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\ServicePackFiles\i386\spoolsv.exe
    [-] 2008-04-14 00:12 57856 D8E14A61ACC1D4A6CD0D38AEBAC7FA3B c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\spoolsv.exe
    [-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\SYSTEM32\spoolsv.exe
    [-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\SYSTEM32\DLLCACHE\spoolsv.exe

    [-] 2002-08-29 10:00 22016 E931E0A2B8BF0019DB902E98D03662CB c:\windows\$NtServicePackUninstall$\userinit.exe
    [-] 2004-08-04 07:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\ServicePackFiles\i386\userinit.exe
    [-] 2008-04-14 00:12 26112 A93AEE1928A9D7CE3E16D24EC7380F89 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
    [-] 2004-08-04 07:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\SYSTEM32\userinit.exe
    [-] 2004-08-04 07:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\SYSTEM32\DLLCACHE\userinit.exe

    [-] 2002-08-29 10:00 200192 FE84E045A09A4ABC4DEEF7270448B64E c:\windows\$NtServicePackUninstall$\termsrv.dll
    [-] 2004-08-04 07:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\ServicePackFiles\i386\termsrv.dll
    [-] 2008-04-14 00:12 295424 FF3477C03BE7201C294C35F684B3479F c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\termsrv.dll
    [-] 2004-08-04 07:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\SYSTEM32\termsrv.dll
    [-] 2004-08-04 07:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\SYSTEM32\DLLCACHE\termsrv.dll

    [-] 2006-07-05 10:57 985088 0FDD84928A5DDE2510761B7EC76CCEC9 c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
    [-] 2007-04-16 16:07 986112 09F7CB3687F86EDAA4CA081F7AB66C03 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
    [-] 2009-03-21 13:54 989184 80202858D245FF07DAA1739C57A3E19B c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
    [-] 2009-03-21 14:06 989696 B921FB870C9AC0D509B2CCABBBBE95F3 c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
    [-] 2009-03-21 13:59 991744 DA11D9D6ECBDF0F93436A4B7C13F7BEC c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
    [-] 2004-06-17 17:58 930816 FCA73DE7B988A2F7837FFBFFCFBED088 c:\windows\$NtServicePackUninstall$\kernel32.dll
    [-] 2002-08-29 10:00 930304 8F162DC91D67D87C1A481BF602A9DAC8 c:\windows\$NtUninstallKB840987$\kernel32.dll
    [-] 2004-08-04 07:56 983552 888190E31455FAD793312F8D087146EB c:\windows\$NtUninstallKB917422$\kernel32.dll
    [-] 2006-07-05 10:55 984064 D8DB5397DE07577C1CB50BA6D23B3AD4 c:\windows\$NtUninstallKB935839$\kernel32.dll
    [-] 2007-04-16 15:52 984576 A01F9CA902A88F7CED06884174D6419D c:\windows\$NtUninstallKB959426$\kernel32.dll
    [-] 2004-08-04 07:56 983552 888190E31455FAD793312F8D087146EB c:\windows\ServicePackFiles\i386\kernel32.dll
    [-] 2008-04-14 00:11 989696 C24B983D211C34DA8FCC1AC38477971D c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kernel32.dll
    [-] 2009-03-21 14:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\SYSTEM32\kernel32.dll
    [-] 2009-03-21 14:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\SYSTEM32\DLLCACHE\kernel32.dll

    [-] 2002-08-29 10:00 14848 865AD7CCB20856727D5BD994B094DC5E c:\windows\$NtServicePackUninstall$\powrprof.dll
    [-] 2004-08-04 07:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\ServicePackFiles\i386\powrprof.dll
    [-] 2008-04-14 00:12 17408 50A166237A0FA771261275A405646CC0 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\powrprof.dll
    [-] 2004-08-04 07:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\SYSTEM32\powrprof.dll
    [-] 2004-08-04 07:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\SYSTEM32\DLLCACHE\powrprof.dll

    [-] 2002-08-29 10:00 103936 C9F9E3E6B59C6D6CBCE7F14494A4518A c:\windows\$NtServicePackUninstall$\imm32.dll
    [-] 2004-08-04 07:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\ServicePackFiles\i386\imm32.dll
    [-] 2008-04-14 00:11 110080 0DA85218E92526972A821587E6A8BF8F c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\imm32.dll
    [-] 2004-08-04 07:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\SYSTEM32\imm32.dll
    [-] 2004-08-04 07:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\SYSTEM32\DLLCACHE\imm32.dll

    [-] 2004-09-29 16:27 3004928 087FF7C54E7EBE4A59BD4DFC1D0EE9B8 c:\windows\$hf_mig$\KB834707\SP2QFE\mshtml.dll
    [-] 2005-01-27 15:08 3008000 91C5ADE25BC4E3322577854FA2E7B58B c:\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll
    [-] 2005-05-02 20:57 3014144 DCC5C79B99F02EEF8C826B074DBFC222 c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll
    [-] 2005-03-10 07:43 3011072 255C2CE965543ABDC3E0A25A5DA1874A c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll
    [-] 2005-10-05 00:51 3017728 3394299FBF1CD0B24089FC762611360B c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll
    [-] 2005-07-20 02:03 3016192 A14A7A206AE22DE4FE563E44CFC7DDF5 c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll
    [-] 2005-11-24 01:07 3018240 D3F037F5DA702AE9DDD7663EC9D78BA7 c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
    [-] 2006-03-23 20:31 3055616 ABCD123F888E4E97C8751378CCCC4F26 c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
    [-] 2006-05-19 15:06 3055104 8687E029BE63C77D4919485068C54D77 c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll
    [-] 2006-07-28 11:30 3058176 D251679BD9EF0250201FB899EC40FD32 c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll
    [-] 2006-09-14 08:31 3058688 CEFEA1C301139A817931BE132F0359FE c:\windows\$hf_mig$\KB922760\SP2QFE\mshtml.dll
    [-] 2007-12-07 02:01 3593216 976C46ED4A75FC66D9C596778898CE1E c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
    [-] 2008-03-01 13:03 3593216 4EE273E2B09317C1217EF0DB91F93534 c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
    [-] 2008-04-21 06:44 3066880 FE406DE0651C9E8201DCB0460609D739 c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll
    [-] 2008-04-21 06:24 3067392 46A61BA430110F00DD990D058AA3D054 c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll
    [-] 2008-04-23 03:35 3593728 4D612FF5D3B7EEF200595AE6F95D5E68 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
    [-] 2008-06-23 16:01 3594240 28B8231CA8D55FC85E027A57C90F5C88 c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
    [-] 2008-08-26 09:08 3594752 25CC085720EE3617FD1F8AB9E2F7CAB2 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
    [-] 2008-10-16 20:24 3595264 B74F31A4BD83797D7A083F922169287D c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
    [-] 2008-12-13 06:26 3594752 C79FAD61CD4A26ED5AA8C16D991C6FBD c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
    [-] 2009-01-16 16:24 3596288 CC9D001B7370B292C35B366CA05B12B4 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
    [-] 2009-02-21 07:39 3596800 1BB754AB47B327DE8DBF2FA18C36357C c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
    [-] 2009-04-29 04:49 3598336 C6FD770D518FB024245A0EE217D72BC1 c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
    [-] 2004-09-29 05:57 2805760 079D308B354F3F42F0F264F5DA730537 c:\windows\$NtServicePackUninstall$\mshtml.dll
    [-] 2004-08-04 07:56 3003392 376E0843B2356CA91CEC8D9837A56FF7 c:\windows\$NtUninstallKB834707$\mshtml.dll
    [-] 2004-07-07 23:37 2803712 FAC3F71082946FF9BE7EE51B1A34E64B c:\windows\$NtUninstallKB834707-IE6SP1-20040929.091901$\mshtml.dll
    [-] 2004-09-29 18:47 3004928 D94E6405E420373161467ACD3DA65640 c:\windows\$NtUninstallKB867282$\mshtml.dll
    [-] 2005-03-10 08:02 3010560 84A1B9B0C362051E68BB131F14C6DAAD c:\windows\$NtUninstallKB883939$\mshtml.dll
    [-] 2005-01-27 17:13 3006976 FAE3CA9B2459581C45B3A8845BE3077C c:\windows\$NtUninstallKB890923$\mshtml.dll
    [-] 2005-07-20 02:00 3014144 31E7520E58E5E4DFA93215A6D5603AF2 c:\windows\$NtUninstallKB896688$\mshtml.dll
    [-] 2005-05-02 20:52 3012608 DCFAC5470EE0A159EC4222BC28AE3EE6 c:\windows\$NtUninstallKB896727$\mshtml.dll
    [-] 2005-10-04 22:26 3015168 042AC20E084D21DD6BEE99B89CC30FB7 c:\windows\$NtUninstallKB905915$\mshtml.dll
    [-] 2005-11-24 01:06 3015680 5E7A39950EA133BB54719A6E08C544A7 c:\windows\$NtUninstallKB912812$\mshtml.dll
    [-] 2006-03-23 20:32 3053568 DEAA438EA31095E14A196FF647E38D13 c:\windows\$NtUninstallKB916281$\mshtml.dll
    [-] 2006-05-19 15:08 3052544 284CE76B71DD5260B42A3CCF0135AF67 c:\windows\$NtUninstallKB918899$\mshtml.dll
    [-] 2006-07-28 11:28 3054080 C7074DA3D8F8C0F6C03874BA0B05069C c:\windows\$NtUninstallKB922760$\mshtml.dll
    [-] 2006-09-14 08:39 3054592 BE45460D1453B7342E01EAE79BFBC681 c:\windows\$NtUninstallKB925454$\mshtml.dll
    [-] 2006-10-23 15:34 3061248 88E1C15BB1A9ED3CBA4D6F2F408D5010 c:\windows\$NtUninstallKB928090$\mshtml.dll
    [-] 2007-01-04 14:05 3062272 1C45525574EF206346FBAFCAAC7CC4A5 c:\windows\$NtUninstallKB931768$\mshtml.dll
    [-] 2007-02-20 06:52 3063296 2991727809C7AC3A33E4178CC73244D8 c:\windows\$NtUninstallKB933566$\mshtml.dll
    [-] 2007-05-04 12:59 3064320 00ADCB32832A10ED9419493BCEA97526 c:\windows\$NtUninstallKB937143$\mshtml.dll
    [-] 2007-06-15 08:12 3064320 53F3FD772C010622346C39284C4A863B c:\windows\$NtUninstallKB939653$\mshtml.dll
    [-] 2007-08-22 12:55 3064832 885E3BF99EA4B2213901EBC35B34CF12 c:\windows\$NtUninstallKB942615$\mshtml.dll
    [-] 2007-10-30 09:55 3065856 79314A0A6B0DA78AFE491FF2D8B117BA c:\windows\$NtUninstallKB944533$\mshtml.dll
    [-] 2007-12-07 00:44 3066368 8A4DD074DEC1B0C063C8493ABF654CBC c:\windows\$NtUninstallKB947864$\mshtml.dll
    [-] 2008-02-16 09:32 3066880 701A6798DDF875CAA3A5099EE75FD57F c:\windows\$NtUninstallKB950759$\mshtml.dll
    [-] 2008-04-21 06:56 3066880 083B967E6B0B2BB539CE6B08D45D631F c:\windows\ie7\mshtml.dll
    [-] 2007-08-13 23:54 3578368 C6EC2493346ED8888A549F59210A8ED3 c:\windows\ie7updates\KB944533-IE7\mshtml.dll
    [-] 2007-12-08 15:51 3592192 A097C36412455F0C7E42377FAF8809B7 c:\windows\ie7updates\KB947864-IE7\mshtml.dll
    [-] 2008-03-01 23:36 3591680 AB2C88167D78D71D93558ACECB24CC7A c:\windows\ie7updates\KB950759-IE7\mshtml.dll
    [-] 2008-04-24 03:16 3591680 8976CAB317105F7431B08EA32AB73C65 c:\windows\ie7updates\KB953838-IE7\mshtml.dll
    [-] 2008-06-24 15:57 3592192 EC936148284F557F19C333178768109B c:\windows\ie7updates\KB956390-IE7\mshtml.dll
    [-] 2008-08-27 08:24 3593216 1AD035E04A7068EC2820B055A3131ED8 c:\windows\ie7updates\KB958215-IE7\mshtml.dll
    [-] 2008-10-17 08:08 3593216 EACAEDEF6FA2A969DE5B36190D45396F c:\windows\ie7updates\KB960714-IE7\mshtml.dll
    [-] 2008-12-13 06:40 3593216 121EC39A64D64205A88C2C45B034B455 c:\windows\ie7updates\KB961260-IE7\mshtml.dll
    [-] 2009-01-17 03:35 3594752 3B413267DA8AE71C20E5EF3E54F74728 c:\windows\ie7updates\KB963027-IE7\mshtml.dll
    [-] 2009-02-20 18:09 3595264 C7C3E41CC2F6EB4A629FE2184136C098 c:\windows\ie7updates\KB969897-IE7\mshtml.dll
    [-] 2004-08-04 07:56 3003392 376E0843B2356CA91CEC8D9837A56FF7 c:\windows\ServicePackFiles\i386\mshtml.dll
    [-] 2008-03-01 23:36 3591680 AB2C88167D78D71D93558ACECB24CC7A c:\windows\SoftwareDistribution\Download\574548bb1821009dfc939b99bf38919d\SP2GDR\mshtml.dll
    [-] 2008-03-01 13:03 3593216 4EE273E2B09317C1217EF0DB91F93534 c:\windows\SoftwareDistribution\Download\574548bb1821009dfc939b99bf38919d\SP2QFE\mshtml.dll
    [-] 2008-04-24 03:16 3591680 8976CAB317105F7431B08EA32AB73C65 c:\windows\SoftwareDistribution\Download\b3bf74f55136e7636e609c29522f7318\SP2GDR\mshtml.dll
    [-] 2008-04-23 03:35 3593728 4D612FF5D3B7EEF200595AE6F95D5E68 c:\windows\SoftwareDistribution\Download\b3bf74f55136e7636e609c29522f7318\SP2QFE\mshtml.dll
    [-] 2009-07-19 13:33 3597824 758C8BEDAB7CE5F9070C85E2E57CBD80 c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\mshtml.dll
    [-] 2009-07-19 13:31 3600384 F6098CC1B1C3858D53F20F3CB5774F3B c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\mshtml.dll
    [-] 2008-04-14 00:11 3066880 A706E122B398FE1AB85CB9B75D044223 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mshtml.dll
    [-] 2007-12-08 15:51 3592192 A097C36412455F0C7E42377FAF8809B7 c:\windows\SoftwareDistribution\Download\e5a204b08ee9dd0f7a20547e61486b27\SP2GDR\mshtml.dll
    [-] 2007-12-07 02:01 3593216 976C46ED4A75FC66D9C596778898CE1E c:\windows\SoftwareDistribution\Download\e5a204b08ee9dd0f7a20547e61486b27\SP2QFE\mshtml.dll
    [-] 2009-04-29 04:56 3596288 2B4315EC9E3124408A2A5074C4B97700 c:\windows\SYSTEM32\mshtml.dll
    [-] 2009-04-29 04:56 3596288 2B4315EC9E3124408A2A5074C4B97700 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll

    [-] 2002-08-29 06:27 23424 1E7F78C2FC393356CD884C6FDE7966F9 c:\windows\$NtServicePackUninstall$\kbdclass.sys
    [-] 2004-08-04 05:58 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\ServicePackFiles\i386\kbdclass.sys
    [-] 2008-04-13 18:39 24576 463C1EC80CD17420A542B7F36A36F128 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kbdclass.sys
    [-] 2004-08-04 05:58 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\SYSTEM32\DLLCACHE\kbdclass.sys
    [-] 2004-08-04 05:58 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\SYSTEM32\DRIVERS\kbdclass.sys

    [-] 2002-08-29 10:00 792064 1F51839ECCF908FD86558198909262E4 c:\windows\$NtServicePackUninstall$\comres.dll
    [-] 2004-08-04 07:56 792064 6728270CB7DBB776ED086F5AC4C82310 c:\windows\ServicePackFiles\i386\comres.dll
    [-] 2008-04-14 00:11 792064 1280A158C722FA95A80FB7AEBE78FA7D c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\comres.dll
    [-] 2004-08-04 07:56 792064 6728270CB7DBB776ED086F5AC4C82310 c:\windows\SYSTEM32\comres.dll
    [-] 2004-08-04 07:56 792064 6728270CB7DBB776ED086F5AC4C82310 c:\windows\SYSTEM32\DLLCACHE\comres.dll

    [-] 2002-08-29 10:00 18944 55990CA08692E2739A8DDCE0B04352AC c:\windows\$NtServicePackUninstall$\lpk.dll
    [-] 2004-08-04 07:56 22016 74D66B3DE265E8789153414E75175F26 c:\windows\ServicePackFiles\i386\lpk.dll
    [-] 2008-04-14 00:11 22016 012DF358CEBAA23ACB26D82077820817 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lpk.dll
    [-] 2004-08-04 07:56 22016 74D66B3DE265E8789153414E75175F26 c:\windows\SYSTEM32\lpk.dll
    [-] 2004-08-04 07:56 22016 74D66B3DE265E8789153414E75175F26 c:\windows\SYSTEM32\DLLCACHE\lpk.dll

    [-] 2002-08-29 10:00 4224 DA1F27D85E0D1525F6621372E7B685E9 c:\windows\SYSTEM32\DLLCACHE\beep.sys
    [-] 2002-08-29 10:00 4224 DA1F27D85E0D1525F6621372E7B685E9 c:\windows\SYSTEM32\DRIVERS\BEEP.SYS

    [-] 2002-08-29 10:00 2944 73C1E1F395918BC2C6DD67AF7591A3AD c:\windows\SYSTEM32\DLLCACHE\null.sys
    [-] 2002-08-29 10:00 2944 73C1E1F395918BC2C6DD67AF7591A3AD c:\windows\SYSTEM32\DRIVERS\NULL.SYS

    [-] 2002-08-29 10:00 924432 DDF8D47ACF8FC3FE5F7F2B95C4D4D136 c:\windows\$NtUninstallKB924667$\mfc40u.dll
    [-] 2008-04-14 00:11 927504 CDDD4416B2B4C7295FE3FDB6DDE57E4E c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mfc40u.dll
    [-] 2006-11-01 19:17 927504 925F8B61ED301A317BA850EBEECBDAA0 c:\windows\SYSTEM32\mfc40u.dll
    [-] 2006-11-01 19:17 927504 925F8B61ED301A317BA850EBEECBDAA0 c:\windows\SYSTEM32\DLLCACHE\mfc40u.dll

  4. #44
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    combofix continued:


    [-] 2005-01-14 05:07 395776 94456045BEB4545B5EBE1DCC85951AFA c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
    [-] 2005-04-28 19:35 396288 DA383FB39A6F1C445F3AFC94B3EB1248 c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
    [-] 2005-07-26 04:20 398336 C369DF215D352B6F3A0B8C3469AA34F8 c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
    [-] 2009-02-09 10:01 401408 24B5D53B9ACCC1E2EDCF0A878D6659D4 c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
    [-] 2009-02-09 12:10 401408 6B27A5C03DFB94B4245739065431322C c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
    [-] 2009-02-09 10:56 401408 9222562D44021B988B9F9F62207FB6F2 c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [-] 2004-03-06 02:16 263680 4EA08A8BBDF8DDEE0F173BB999C153C3 c:\windows\$NtServicePackUninstall$\rpcss.dll
    [-] 2002-08-29 10:00 260608 493FCBED180DCACF0B5D4C8C29949CA9 c:\windows\$NtUninstallKB823980$\rpcss.dll
    [-] 2003-07-05 17:12 202752 CB95493F46B8113362D8925AD6A5A4FA c:\windows\$NtUninstallKB824146$\rpcss.dll
    [-] 2003-08-25 18:53 260608 7A6F20EEAC4B2168451878AF9054396F c:\windows\$NtUninstallKB828741$\rpcss.dll
    [-] 2004-08-04 07:56 395776 5C83A4408604F737717AB96371201680 c:\windows\$NtUninstallKB873333$\rpcss.dll
    [-] 2005-01-14 08:55 395776 419899803CA479B73B02390318C787C0 c:\windows\$NtUninstallKB894391$\rpcss.dll
    [-] 2005-04-28 19:31 395776 C8061F289E000703E7672916B7FE1571 c:\windows\$NtUninstallKB902400$\rpcss.dll
    [-] 2005-07-26 04:39 397824 CE94A2BD25E3E9F4D46A7373FF455C6D c:\windows\$NtUninstallKB956572$\rpcss.dll
    [-] 2004-08-04 07:56 395776 5C83A4408604F737717AB96371201680 c:\windows\ServicePackFiles\i386\rpcss.dll
    [-] 2008-04-14 00:12 399360 2589FE6015A316C0F5D5112B4DA7B509 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rpcss.dll
    [-] 2009-02-09 10:20 399360 01095FEBF33BEEA00C2A0730B9B3EC28 c:\windows\SYSTEM32\rpcss.dll
    [-] 2009-02-09 10:20 399360 01095FEBF33BEEA00C2A0730B9B3EC28 c:\windows\SYSTEM32\DLLCACHE\rpcss.dll

    [-] 2003-10-21 23:06 32256 41C5F3B926942EBDD35C6BF4154FE5F8 c:\windows\$NtServicePackUninstall$\msgsvc.dll
    [-] 2002-08-29 10:00 34304 A81487520F11F65BF270D50EE29887B2 c:\windows\$NtUninstallKB828035$\msgsvc.dll
    [-] 2004-08-04 07:56 33792 95FD808E4AC22ABA025A7B3EAC0375D2 c:\windows\ServicePackFiles\i386\msgsvc.dll
    [-] 2008-04-14 00:11 33792 986B1FF5814366D71E0AC5755C88F2D3 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\msgsvc.dll
    [-] 2004-08-04 07:56 33792 95FD808E4AC22ABA025A7B3EAC0375D2 c:\windows\SYSTEM32\msgsvc.dll
    [-] 2004-08-04 07:56 33792 95FD808E4AC22ABA025A7B3EAC0375D2 c:\windows\SYSTEM32\DLLCACHE\msgsvc.dll

    [-] 2002-08-29 10:00 557056 0B5D337119929505EE72D4E4A41ED1FD c:\windows\$NtServicePackUninstall$\comctl32.dll
    [-] 2004-08-04 07:56 611328 A77DFB85FAEE49D66C74DA6024EBC69B c:\windows\$NtUninstallKB923191$\comctl32.dll
    [-] 2004-08-04 07:56 611328 A77DFB85FAEE49D66C74DA6024EBC69B c:\windows\ServicePackFiles\i386\comctl32.dll
    [-] 2008-04-14 00:11 617472 06F247492BC786CE5C24A23E178C711A c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\comctl32.dll
    [-] 2008-04-14 00:12 1054208 BD38D1EBE24A46BD3EDA059560AFBA12 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asms\60\msft\windows\common\controls\comctl32.dll
    [-] 2006-08-25 15:45 617472 B0124CB21D28B1C9F678B566B6B57D92 c:\windows\SYSTEM32\comctl32.dll
    [-] 2006-08-25 15:45 617472 B0124CB21D28B1C9F678B566B6B57D92 c:\windows\SYSTEM32\DLLCACHE\comctl32.dll
    [-] 2002-08-29 10:00 921088 AEF3D788DBF40C7C4D204EA45EB0C505 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.DLL
    [-] 2002-08-29 10:00 921600 76B90BD220F1B1CC9E183C6B1AE9FBB4 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\COMCTL32.DLL
    [-] 2004-04-16 22:56 921600 A7B3F3FB365B8B3B29C7C7322392C765 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll
    [-] 2004-08-04 07:57 1050624 5AF68A5E44734A082442668E9C787743 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
    [-] 2006-08-25 15:45 1054208 C4E80875C1CF1222FC5EFD0314AE5C01 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    [-] 2002-08-29 10:00 11648 9859C0F6936E723E4892D7141B1327D5 c:\windows\SYSTEM32\DLLCACHE\acpiec.sys
    [-] 2002-08-29 10:00 11648 9859C0F6936E723E4892D7141B1327D5 c:\windows\SYSTEM32\DRIVERS\ACPIEC.SYS

    [-] 2002-08-29 10:00 4096 52BB2A508CB3EB8AAA5F6F142F5B73D6 c:\windows\$NtServicePackUninstall$\sfc.dll
    [-] 2004-08-04 07:56 5120 E8A12A12EA9088B4327D49EDCA3ADD3E c:\windows\ServicePackFiles\i386\sfc.dll
    [-] 2008-04-14 00:12 5120 96E1C926F22EE1BFBAE82901A35F6BF3 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfc.dll
    [-] 2004-08-04 07:56 5120 E8A12A12EA9088B4327D49EDCA3ADD3E c:\windows\SYSTEM32\sfc.dll
    [-] 2004-08-04 07:56 5120 E8A12A12EA9088B4327D49EDCA3ADD3E c:\windows\SYSTEM32\DLLCACHE\sfc.dll

    [-] 2002-08-29 10:00 399360 3ADD563ED7A1C66E6F5E0F7A661AA96D c:\windows\$NtServicePackUninstall$\netlogon.dll
    [-] 2004-08-04 07:56 407040 96353FCECBA774BB8DA74A1C6507015A c:\windows\ServicePackFiles\i386\netlogon.dll
    [7] 2009-02-06 18:46 408064 6C476D33D82F1054849790181E8F7772 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\sp2qfe\netlogon.dll
    [-] 2008-04-14 00:12 407040 1B7F071C51B77C272875C3A23E1E4550 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
    [-] 2004-08-04 07:56 407040 96353FCECBA774BB8DA74A1C6507015A c:\windows\SYSTEM32\netlogon.dll
    [-] 2004-08-04 07:56 407040 96353FCECBA774BB8DA74A1C6507015A c:\windows\SYSTEM32\DLLCACHE\netlogon.dll

    [-] 2004-07-01 22:08 361984 696AC82FB290A03F205901442E0E9589 c:\windows\$NtServicePackUninstall$\qmgr.dll
    [-] 2002-08-29 10:00 221696 6A1CF14D0E7D0B2241F552223769C8A7 c:\windows\$NtUninstallKB842773$\qmgr.dll
    [-] 2004-08-04 07:56 382464 2C69EC7E5A311334D10DD95F338FCCEA c:\windows\ServicePackFiles\i386\qmgr.dll
    [-] 2008-04-14 00:12 409088 574738F61FCA2935F5265DC4E5691314 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\qmgr.dll
    [-] 2004-08-04 07:56 382464 2C69EC7E5A311334D10DD95F338FCCEA c:\windows\SYSTEM32\qmgr.dll
    [-] 2004-07-01 22:08 361984 696AC82FB290A03F205901442E0E9589 c:\windows\SYSTEM32\bits\qmgr.dll
    [-] 2004-08-04 07:56 382464 2C69EC7E5A311334D10DD95F338FCCEA c:\windows\SYSTEM32\DLLCACHE\qmgr.dll

    [-] 2002-08-29 10:00 174592 97418A5C642A5C748A28BD7CF6860B57 c:\windows\$NtServicePackUninstall$\scecli.dll
    [-] 2004-08-04 07:56 180224 0F78E27F563F2AAF74B91A49E2ABF19A c:\windows\ServicePackFiles\i386\scecli.dll
    [-] 2008-04-14 00:12 181248 A86BB5E61BF3E39B62AB4C7E7085A084 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
    [-] 2004-08-04 07:56 180224 0F78E27F563F2AAF74B91A49E2ABF19A c:\windows\SYSTEM32\scecli.dll
    [-] 2004-08-04 07:56 180224 0F78E27F563F2AAF74B91A49E2ABF19A c:\windows\SYSTEM32\DLLCACHE\scecli.dll

    [-] 2002-08-29 10:00 49152 BF3C8CF53C77B48206B39910B6D6CBCC c:\windows\$NtServicePackUninstall$\eventlog.dll
    [-] 2004-08-04 07:56 55808 82B24CB70E5944E6E34662205A2A5B78 c:\windows\ServicePackFiles\i386\eventlog.dll
    [-] 2008-04-14 00:11 56320 6D4FEB43EE538FC5428CC7F0565AA656 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
    [-] 2004-08-04 07:56 55808 82B24CB70E5944E6E34662205A2A5B78 c:\windows\SYSTEM32\eventlog.dll
    [-] 2004-08-04 07:56 55808 82B24CB70E5944E6E34662205A2A5B78 c:\windows\SYSTEM32\DLLCACHE\eventlog.dll

    [-] 2002-08-29 10:00 13568 03F403B07A884FC2AA54A0916C410931 c:\windows\$NtServicePackUninstall$\asyncmac.sys
    [-] 2004-08-04 06:05 14336 02000ABF34AF4C218C35D257024807D6 c:\windows\ServicePackFiles\i386\asyncmac.sys
    [-] 2008-04-13 18:57 14336 B153AFFAC761E7F5FCFA822B9C4E97BC c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asyncmac.sys
    [-] 2004-08-04 06:05 14336 02000ABF34AF4C218C35D257024807D6 c:\windows\SYSTEM32\DLLCACHE\asyncmac.sys
    [-] 2004-08-04 06:05 14336 02000ABF34AF4C218C35D257024807D6 c:\windows\SYSTEM32\DRIVERS\asyncmac.sys

    [-] 2007-02-09 11:23 574976 05AB81909514BFD69CBB1F2C147CF6B9 c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
    [-] 2002-08-29 10:00 561920 E3AE9C79498210A5F39FE5A9AD62BC55 c:\windows\$NtServicePackUninstall$\ntfs.sys
    [-] 2004-08-04 06:15 574592 B78BE402C3F63DD55521F73876951CDD c:\windows\$NtUninstallKB930916$\ntfs.sys
    [-] 2004-08-04 06:15 574592 B78BE402C3F63DD55521F73876951CDD c:\windows\ServicePackFiles\i386\ntfs.sys
    [-] 2008-04-13 19:15 574976 78A08DD6A8D65E697C18E1DB01C5CDCA c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntfs.sys
    [-] 2007-02-09 11:10 574464 19A811EF5F1ED5C926A028CE107FF1AF c:\windows\SYSTEM32\DLLCACHE\ntfs.sys
    [-] 2007-02-09 11:10 574464 19A811EF5F1ED5C926A028CE107FF1AF c:\windows\SYSTEM32\DRIVERS\ntfs.sys

    [-] 2002-11-27 01:03 52224 36678803A8030EE9A771935CFC1848BD c:\windows\$NtServicePackUninstall$\mspmsnsv.dll
    [-] 2004-08-04 07:56 52224 C086483E3DBA8C1C0A687EC8D5B3D4C1 c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
    [-] 2002-11-27 01:03 52224 36678803A8030EE9A771935CFC1848BD c:\windows\RegisteredPackages\{A0000BA0-97AD-43FB-8A05-3542C3AB99CD}\mspmsnsv.dll
    [-] 2004-08-04 07:56 52224 C086483E3DBA8C1C0A687EC8D5B3D4C1 c:\windows\ServicePackFiles\i386\mspmsnsv.dll
    [-] 2006-10-19 03:47 27136 C51B4A5C05A5475708E3C81C7765B71D c:\windows\SYSTEM32\mspmsnsv.dll
    [-] 2006-10-19 03:47 27136 C51B4A5C05A5475708E3C81C7765B71D c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll

    [-] 2004-08-04 07:56 129536 EEF46DAB68229A14DA3D8E73C99E2959 c:\windows\ServicePackFiles\i386\xmlprov.dll
    [-] 2008-04-14 00:12 129024 295D21F14C335B53CB8154E5B1F892B9 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\xmlprov.dll
    [-] 2004-08-04 07:56 129536 EEF46DAB68229A14DA3D8E73C99E2959 c:\windows\SYSTEM32\xmlprov.dll
    [-] 2004-08-04 07:56 129536 EEF46DAB68229A14DA3D8E73C99E2959 c:\windows\SYSTEM32\DLLCACHE\xmlprov.dll

    [-] 2003-03-25 21:40 53760 8B6DA0009AB7B3B8A5E9E28015A32EA7 c:\windows\$NtServicePackUninstall$\cryptsvc.dll
    [-] 2002-08-29 10:00 53248 41C70161BFCB17E7E12ED89BADD2AEF4 c:\windows\$NtUninstallQ817287$\cryptsvc.dll
    [-] 2004-08-04 07:56 60416 10654F9DDCEA9C46CFB77554231BE73B c:\windows\ServicePackFiles\i386\cryptsvc.dll
    [-] 2008-04-14 00:11 62464 3D4E199942E29207970E04315D02AD3B c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll
    [-] 2004-08-04 07:56 60416 10654F9DDCEA9C46CFB77554231BE73B c:\windows\SYSTEM32\cryptsvc.dll
    [-] 2004-08-04 07:56 60416 10654F9DDCEA9C46CFB77554231BE73B c:\windows\SYSTEM32\DLLCACHE\cryptsvc.dll

    [-] 2002-08-29 10:00 49152 3671D928554E124A8AC326A1769F2FFB c:\windows\$NtServicePackUninstall$\browser.dll
    [-] 2004-08-04 07:56 77312 E3CFCCDDA4EDD1D0DC9168B2E18F27B8 c:\windows\ServicePackFiles\i386\browser.dll
    [-] 2008-04-14 00:11 77824 A06CE3399D16DB864F55FAEB1F1927A9 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\browser.dll
    [-] 2004-08-04 07:56 77312 E3CFCCDDA4EDD1D0DC9168B2E18F27B8 c:\windows\SYSTEM32\browser.dll
    [-] 2004-08-04 07:56 77312 E3CFCCDDA4EDD1D0DC9168B2E18F27B8 c:\windows\SYSTEM32\DLLCACHE\browser.dll

    [-] 2005-07-08 16:28 249344 1418A3A6E76E5A2E3F5E43866E793A8B c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
    [-] 2002-08-29 10:00 233984 9B3A213B6591A79EBABBFB4E4EA0A23E c:\windows\$NtServicePackUninstall$\tapisrv.dll
    [-] 2004-08-04 07:56 246272 EB4A4187D74A8EFDCBEA3EA2CB1BDFBD c:\windows\$NtUninstallKB893756$\tapisrv.dll
    [-] 2004-08-04 07:56 246272 EB4A4187D74A8EFDCBEA3EA2CB1BDFBD c:\windows\ServicePackFiles\i386\tapisrv.dll
    [-] 2008-04-14 00:12 249856 3CB78C17BB664637787C9A1C98F79C38 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tapisrv.dll
    [-] 2005-07-08 16:27 249344 FB78839B36025AA286A51289ED28B73E c:\windows\SYSTEM32\tapisrv.dll
    [-] 2005-07-08 16:27 249344 FB78839B36025AA286A51289ED28B73E c:\windows\SYSTEM32\DLLCACHE\tapisrv.dll

    [-] 2008-06-20 17:36 245248 1DFCA7713EA5A70D5D93B436AEA0317A c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
    [-] 2008-06-20 17:46 245248 832E4DD8964AB7ACC880B2837CB1ED20 c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
    [-] 2008-06-20 17:43 245248 FCEE5FCB99F7C724593365C706D28388 c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    [-] 2002-08-29 10:00 228352 18A8BE5A66B93F9C9615F7D4C148EDE2 c:\windows\$NtServicePackUninstall$\mswsock.dll
    [-] 2004-08-04 07:56 245248 4E74AF063C3271FBEA20DD940CFD1184 c:\windows\$NtUninstallKB951748$\mswsock.dll
    [-] 2004-08-04 07:56 245248 4E74AF063C3271FBEA20DD940CFD1184 c:\windows\ServicePackFiles\i386\mswsock.dll
    [-] 2008-04-14 00:12 245248 B4138E99236F0F57D4CF49BAE98A0746 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mswsock.dll
    [-] 2008-06-20 17:41 245248 097722F235A1FB698BF9234E01B52637 c:\windows\SYSTEM32\mswsock.dll
    [-] 2008-06-20 17:41 245248 097722F235A1FB698BF9234E01B52637 c:\windows\SYSTEM32\DLLCACHE\mswsock.dll

    [-] 2005-08-22 18:24 197632 3516D8A18B36784B1005B950B84232E1 c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
    [-] 2002-08-29 10:00 154112 E7FF9267BBEB1386975278A27378526F c:\windows\$NtServicePackUninstall$\netman.dll
    [-] 2004-08-04 07:56 198144 DAB9E6C7105D2EF49876FE92C524F565 c:\windows\$NtUninstallKB905414$\netman.dll
    [-] 2004-08-04 07:56 198144 DAB9E6C7105D2EF49876FE92C524F565 c:\windows\ServicePackFiles\i386\netman.dll
    [-] 2008-04-14 00:12 198144 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netman.dll
    [-] 2005-08-22 18:29 197632 36739B39267914BA69AD0610A0299732 c:\windows\SYSTEM32\netman.dll
    [-] 2005-08-22 18:29 197632 36739B39267914BA69AD0610A0299732 c:\windows\SYSTEM32\DLLCACHE\netman.dll

    [-] 2005-07-26 04:20 243200 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
    [-] 2008-07-07 20:06 253952 A4AB3DCA4A383F0DF4988ABDEB84F9A4 c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
    [-] 2008-07-07 20:26 253952 D4991D98F2DB73C60D042F1AEF79EFAE c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
    [-] 2008-07-07 20:23 253952 F17F6226BDC0CD5F0BEF0DAF84D29BEC c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
    [-] 2004-03-06 02:16 226816 B748D0ABBACD362052D4D61DCD562289 c:\windows\$NtServicePackUninstall$\es.dll
    [-] 2002-08-29 10:00 225280 C9702DDD814C39DC1254CF757C31C6E4 c:\windows\$NtUninstallKB828741$\es.dll
    [-] 2004-08-04 07:56 243200 ACD36A2DD7D1E9D8A060AA651DC07E63 c:\windows\$NtUninstallKB902400$\es.dll
    [-] 2005-07-26 04:39 243200 34BBD9ACC1538818F2C878898C64E793 c:\windows\$NtUninstallKB950974$\es.dll
    [-] 2004-08-04 07:56 243200 ACD36A2DD7D1E9D8A060AA651DC07E63 c:\windows\ServicePackFiles\i386\es.dll
    [-] 2008-04-14 00:11 246272 19A799805B24990867B00C120D300C3A c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\es.dll
    [-] 2008-07-07 20:32 253952 60D1A6342238378BFB7545C81EE3606C c:\windows\SYSTEM32\es.dll
    [-] 2008-07-07 20:32 253952 60D1A6342238378BFB7545C81EE3606C c:\windows\SYSTEM32\DLLCACHE\es.dll

    [-] 2005-09-01 01:44 19968 648BF0B4DDE4F7A1156DAE7174D36EFA c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
    [-] 2002-08-29 10:00 15360 7D8C58C0CBB7331E9296A7357827CA8E c:\windows\$NtServicePackUninstall$\linkinfo.dll
    [-] 2004-08-04 07:56 18944 C2BBD044C741EA4292016C36F718D2E4 c:\windows\$NtUninstallKB900725$\linkinfo.dll
    [-] 2004-08-04 07:56 18944 C2BBD044C741EA4292016C36F718D2E4 c:\windows\ServicePackFiles\i386\linkinfo.dll
    [-] 2008-04-14 00:11 19968 2DC5A8019E2387987905F77C664E4BE2 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\linkinfo.dll
    [-] 2005-09-01 01:41 19968 A1A688EE56CF3BBD24EDEB815D48E9BA c:\windows\SYSTEM32\linkinfo.dll
    [-] 2005-09-01 01:41 19968 A1A688EE56CF3BBD24EDEB815D48E9BA c:\windows\SYSTEM32\DLLCACHE\linkinfo.dll

    [-] 2002-08-29 10:00 43008 75B5821307B2F4491F9ED06732366872 c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
    [-] 2004-08-04 07:56 71680 4B8D61792F7175BED48859CC18CE4E38 c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    [-] 2008-04-14 00:12 71680 0A5679B3714EDAB99E357057EE88FCA6 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ssdpsrv.dll
    [-] 2004-08-04 07:56 71680 4B8D61792F7175BED48859CC18CE4E38 c:\windows\SYSTEM32\ssdpsrv.dll
    [-] 2004-08-04 07:56 71680 4B8D61792F7175BED48859CC18CE4E38 c:\windows\SYSTEM32\DLLCACHE\ssdpsrv.dll

    [-] 2007-02-05 20:19 185344 36ACA6CDC19C95FF468A1426EB7F32F0 c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
    [-] 2002-08-29 10:00 164864 848CE0601B58410FF2DFB6BC8449AFE7 c:\windows\$NtServicePackUninstall$\upnphost.dll
    [-] 2004-08-04 07:56 185344 0546477BDE979E33294FE97F6B3DE84A c:\windows\$NtUninstallKB931261$\upnphost.dll
    [-] 2004-08-04 07:56 185344 0546477BDE979E33294FE97F6B3DE84A c:\windows\ServicePackFiles\i386\upnphost.dll
    [-] 2008-04-14 00:12 185856 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\upnphost.dll
    [-] 2007-02-05 20:17 185344 ACA5D98663D879C6BAAFCEA7E2F1B710 c:\windows\SYSTEM32\upnphost.dll
    [-] 2007-02-05 20:17 185344 ACA5D98663D879C6BAAFCEA7E2F1B710 c:\windows\SYSTEM32\DLLCACHE\upnphost.dll

    [-] 2002-08-29 10:00 158720 38E9CFAC7881435764051FD7B1F010FB c:\windows\$NtServicePackUninstall$\srsvc.dll
    [-] 2004-08-04 07:56 170496 92BDF74F12D6CBEC43C94D4B7F804838 c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-14 00:12 171008 3805DF0AC4296A34BA4BF93B346CC378 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\srsvc.dll
    [-] 2004-08-04 07:56 170496 92BDF74F12D6CBEC43C94D4B7F804838 c:\windows\SYSTEM32\srsvc.dll
    [-] 2004-08-04 07:56 170496 92BDF74F12D6CBEC43C94D4B7F804838 c:\windows\SYSTEM32\DLLCACHE\srsvc.dll

    [-] 2004-08-04 07:56 13824 49911DD39E023BB6C45E4E436CFBD297 c:\windows\ServicePackFiles\i386\wscntfy.exe
    [-] 2008-04-14 00:12 13824 F92E1076C42FCD6DB3D72D8CFE9816D5 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wscntfy.exe
    [-] 2004-08-04 07:56 13824 49911DD39E023BB6C45E4E436CFBD297 c:\windows\SYSTEM32\wscntfy.exe
    [-] 2004-08-04 07:56 13824 49911DD39E023BB6C45E4E436CFBD297 c:\windows\SYSTEM32\DLLCACHE\wscntfy.exe

    [-] 2002-08-29 10:00 392704 AAC49EF5C84A2EBD7409A51A1B65C542 c:\windows\$NtServicePackUninstall$\ntmssvc.dll
    [-] 2004-08-04 07:56 435200 B62F29C00AC55A761B2E45877D85EA0F c:\windows\ServicePackFiles\i386\ntmssvc.dll
    [-] 2008-04-14 00:12 435200 156F64A3345BD23C600655FB4D10BC08 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntmssvc.dll
    [-] 2004-08-04 07:56 435200 B62F29C00AC55A761B2E45877D85EA0F c:\windows\SYSTEM32\ntmssvc.dll
    [-] 2004-08-04 07:56 435200 B62F29C00AC55A761B2E45877D85EA0F c:\windows\SYSTEM32\DLLCACHE\ntmssvc.dll

    [-] 2002-08-29 10:00 82944 442ED09256E1D55D128219CF1AB27554 c:\windows\$NtServicePackUninstall$\rasauto.dll
    [-] 2004-08-04 07:56 89088 44DB7A9BDD2FB58747D123FBF1D35ADB c:\windows\ServicePackFiles\i386\rasauto.dll
    [-] 2008-04-14 00:12 88576 AD188BE7BDF94E8DF4CA0A55C00A5073 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rasauto.dll
    [-] 2004-08-04 07:56 89088 44DB7A9BDD2FB58747D123FBF1D35ADB c:\windows\SYSTEM32\rasauto.dll
    [-] 2004-08-04 07:56 89088 44DB7A9BDD2FB58747D123FBF1D35ADB c:\windows\SYSTEM32\DLLCACHE\rasauto.dll

    [-] 2002-08-29 10:00 1157632 2564949DBE5F643F50913BBE45D346E2 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
    [-] 2004-08-04 07:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\ServicePackFiles\i386\sfcfiles.dll
    [-] 2008-04-14 00:12 1614848 9DD07AF82244867CA36681EA2D29CE79 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfcfiles.dll
    [-] 2004-08-04 07:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\SYSTEM32\sfcfiles.dll
    [-] 2004-08-04 07:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\SYSTEM32\DLLCACHE\sfcfiles.dll

    [-] 2004-06-08 22:02 172544 08D72F6490CD85AA1C12EF3B56299936 c:\windows\$NtServicePackUninstall$\schedsvc.dll
    [-] 2002-08-29 10:00 159232 719B05113003A1934EA25EA1FED68C85 c:\windows\$NtUninstallKB841873$\schedsvc.dll
    [-] 2004-08-04 07:56 190976 92360854316611F6CC471612213C3D92 c:\windows\ServicePackFiles\i386\schedsvc.dll
    [-] 2008-04-14 00:12 192512 0A9A7365A1CA4319AA7C1D6CD8E4EAFA c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\schedsvc.dll
    [-] 2004-08-04 07:56 190976 92360854316611F6CC471612213C3D92 c:\windows\SYSTEM32\schedsvc.dll
    [-] 2004-08-04 07:56 190976 92360854316611F6CC471612213C3D92 c:\windows\SYSTEM32\DLLCACHE\schedsvc.dll

    [-] 2002-08-29 10:00 51712 9DF4527D53613601D3F79946EAA1DCB1 c:\windows\$NtServicePackUninstall$\regsvc.dll
    [-] 2004-08-04 07:56 59904 3151427DB7D87107D1C5BE58FAC53960 c:\windows\ServicePackFiles\i386\regsvc.dll
    [-] 2008-04-14 00:12 59904 5B19B557B0C188210A56A6B699D90B8F c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\regsvc.dll
    [-] 2004-08-04 07:56 59904 3151427DB7D87107D1C5BE58FAC53960 c:\windows\SYSTEM32\regsvc.dll
    [-] 2004-08-04 07:56 59904 3151427DB7D87107D1C5BE58FAC53960 c:\windows\SYSTEM32\DLLCACHE\regsvc.dll

    [-] 2006-12-19 21:50 135168 53D9184A21C5CBF600D918E51EF3A7E5 c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
    [-] 2002-08-29 10:00 116224 61684089A54936E40F65DA02D47A28AE c:\windows\$NtServicePackUninstall$\shsvcs.dll
    [-] 2004-08-04 07:56 134656 E7518DC542D3EBDCB80EDD98462C7821 c:\windows\$NtUninstallKB928255$\shsvcs.dll
    [-] 2004-08-04 07:56 134656 E7518DC542D3EBDCB80EDD98462C7821 c:\windows\ServicePackFiles\i386\shsvcs.dll
    [-] 2008-04-14 00:12 135168 1926899BF9FFE2602B63074971700412 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\shsvcs.dll
    [-] 2006-12-19 21:52 134656 6815DEF9B810AEFAC107EEAF72DA6F82 c:\windows\SYSTEM32\shsvcs.dll
    [-] 2006-12-19 21:52 134656 6815DEF9B810AEFAC107EEAF72DA6F82 c:\windows\SYSTEM32\DLLCACHE\shsvcs.dll

    [-] 2006-02-15 00:30 142464 1EE7B434BA961EF845DE136224C30FEC c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
    [-] 2002-08-29 04:16 142208 FF773FEDA15E8BD97FD54FE87A0ACDBE c:\windows\$NtServicePackUninstall$\aec.sys
    [-] 2004-08-04 05:39 142464 841F385C6CFAF66B58FBD898722BB4F0 c:\windows\$NtUninstallKB900485$\aec.sys
    [-] 2006-02-15 00:22 142464 1EE7B434BA961EF845DE136224C30FEC c:\windows\Driver Cache\I386\aec.sys
    [-] 2004-08-04 05:39 142464 841F385C6CFAF66B58FBD898722BB4F0 c:\windows\ServicePackFiles\i386\aec.sys
    [-] 2008-04-13 16:39 142592 8BED39E3C35D6A489438B8141717A557 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\aec.sys
    [-] 2006-02-15 00:22 142464 1EE7B434BA961EF845DE136224C30FEC c:\windows\SYSTEM32\DLLCACHE\aec.sys
    [-] 2006-02-15 00:22 142464 1EE7B434BA961EF845DE136224C30FEC c:\windows\SYSTEM32\DRIVERS\aec.sys

    [-] 2002-08-29 10:00 156672 AE0BDD0E65987747988861103B50FA4F c:\windows\$NtServicePackUninstall$\appmgmts.dll
    [-] 2004-08-04 07:56 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\ServicePackFiles\i386\appmgmts.dll
    [-] 2008-04-14 00:11 167936 D8849F77C0B66226335A59D26CB4EDC6 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\appmgmts.dll
    [-] 2004-08-04 07:56 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\SYSTEM32\appmgmts.dll
    [-] 2004-08-04 07:56 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\SYSTEM32\DLLCACHE\appmgmts.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
    "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-11-30 57344]
    "AbacastDistributedOnDemand:11"="c:\documents and settings\Mary\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe" [2008-09-30 54776]
    "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\WCESCOMM.EXE" [2003-04-22 413775]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy162-8-10-2009\TeaTimer.exe" [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-04-01 5562368]
    "diagent"="c:\program files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 135264]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-14 28672]
    "MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2004-07-01 131072]
    "AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
    "Dell AIO Printer A940"="c:\program files\Dell AIO Printer A940\dlbabmgr.exe" [2003-02-17 86102]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "Atari Launcher"="c:\program files\Hasbro Interactive\Atari Arcade Hits 1\Atari icon.exe" [1999-06-25 49664]
    "mmtask"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2004-07-01 53248]
    "ViewMgr"="c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe" [2004-11-12 106557]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-03-02 180269]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-04-01 86016]
    "SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2006-12-20 36952]
    "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-11-30 40960]
    "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328]
    "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
    "nwiz"="nwiz.exe" - c:\windows\SYSTEM32\nwiz.exe [2005-04-01 1495040]

    c:\documents and settings\Ramsey\Start Menu\Programs\Startup\
    PowerReg Scheduler V3.exe [2004-4-11 229376]

    c:\documents and settings\Mary\Start Menu\Programs\Startup\
    PowerReg Scheduler.exe [2004-6-30 256000]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-11-4 176128]
    KODAK Software Updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-2-13 16423]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ lsdelete

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
    "c:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
    "c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
    "c:\\Documents and Settings\\Mary\\Local Settings\\Application Data\\AbacastDistributedOnDemand\\Node\\11\\AbacastDistributedOnDemand.exe"=

    R2 RioPNP;RioPNP;c:\windows\SYSTEM32\DRIVERS\RioPnP.sys [5/24/2006 12:17 AM 6736]
    S3 gel90xne;gel90xne;\??\c:\docume~1\Mary\LOCALS~1\Temp\gel90xne.sys --> c:\docume~1\Mary\LOCALS~1\Temp\gel90xne.sys [?]
    S3 RioDrv;Rio600 driver;c:\windows\SYSTEM32\DRIVERS\riodrv.sys [8/29/2002 5:00 AM 12032]
    .
    Contents of the 'Scheduled Tasks' folder

    2009-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

    2008-11-15 c:\windows\Tasks\McDefragTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2007-01-17 15:53]

    2009-08-01 c:\windows\Tasks\McQcTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2007-01-17 15:53]

    2009-09-03 c:\windows\Tasks\WGASetup.job
    - c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 03:18]
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.my.yahoo.com/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    IE: {{10F055B8-F443-4adf-948A-EC551E9DBCE4} - c:\documents and settings\Mary\Start Menu\Programs\UltimateBet\UltimateBet.lnk
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-03 09:13
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...


    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'explorer.exe'(3380)
    c:\docume~1\Mary\LOCALS~1\Temp\IadHide5.dll
    c:\program files\SiteAdvisor\6172\saHook.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Lavasoft\Ad-Aware\aawservice.exe
    c:\windows\SYSTEM32\LEXBCES.EXE
    c:\windows\SYSTEM32\LEXPPS.EXE
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\SYSTEM32\CTsvcCDA.EXE
    c:\progra~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\Common Files\McAfee\MNA\McNASvc.exe
    c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
    c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
    c:\program files\McAfee\MPF\MpfSrv.exe
    c:\windows\SYSTEM32\nvsvc32.exe
    c:\windows\SYSTEM32\MsPMSPSv.exe
    c:\program files\Dell AIO Printer A940\dlbabmon.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
    c:\windows\SYSTEM32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2009-09-03 9:26 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-09-03 14:25

    Pre-Run: 52,013,998,080 bytes free
    Post-Run: 52,600,180,736 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
    [spybotsd]
    timeout.old=30

    1604 --- E O F --- 2009-09-03 03:36

  5. #45
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    I'll send dds.txt log next.

  6. #46
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Here's the dds log:



    DDS (Ver_09-07-30.01) - NTFSx86
    Run by Mary at 10:11:04.84 on Thu 09/03/2009
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.69 [GMT -5:00]

    AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\MsPMSPSv.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Hasbro Interactive\Atari Arcade Hits 1\Atari icon.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Documents and Settings\Mary\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Documents and Settings\Mary\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.my.yahoo.com/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy162-8-10-2009\SDHelper.dll
    TB: Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_3_19_0.dll
    TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6253\SiteAdv.dll
    TB: Merriam-Webster Online: {b7b76dd6-b6f0-4443-af81-6a3ecf12a57d} - c:\windows\_MWOLTB.DLL
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: {11359F4A-B191-42D7-905A-594F8CF0387B} - No File
    uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
    uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
    uRun: [OM_Monitor] c:\program files\olympus\olympus master\Monitor.exe -NoStart
    uRun: [AbacastDistributedOnDemand:11] c:\documents and settings\mary\local settings\application data\abacastdistributedondemand\node\11\AbacastDistributedOnDemand.exe -r:11 -x:1
    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\WCESCOMM.EXE"
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy162-8-10-2009\TeaTimer.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.0.3705; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.msnbc.msn.com/id/20044245/ns/entertainment-comics_games_news_of_the_weird/?cat=uj"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [DVDSentry] c:\windows\system32\DSentry.exe
    mRun: [MMTray] c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe
    mRun: [AdaptecDirectCD] "c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe"
    mRun: [Dell AIO Printer A940] "c:\program files\dell aio printer a940\dlbabmgr.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
    mRun: [Atari Launcher] c:\program files\hasbro interactive\atari arcade hits 1\Atari icon.exe
    mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
    mRun: [ViewMgr] c:\program files\viewpoint\viewpoint manager\ViewMgr.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [SiteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe
    mRun: [OM_Monitor] c:\program files\olympus\olympus master\FirstStart.exe
    mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    StartupFolder: c:\documents and settings\mary\start menu\programs\startup\PowerReg Scheduler.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    mPolicies-explorer: <NO NAME> =
    IE: {10F055B8-F443-4adf-948A-EC551E9DBCE4} - c:\documents and settings\mary\start menu\programs\ultimatebet\UltimateBet.lnk
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
    IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0411.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy162-8-10-2009\SDHelper.dll
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
    DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    DPF: {41F17733-B041-4099-A042-B518BB6A408C} - hxxp://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,73/mcinsctl.cab
    DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156782442455
    DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-46c60f1cf692a806.spaces.live.com/PhotoUpload/MsnPUpld.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3}
    DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} - hxxp://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
    DPF: {ABB660B6-6694-407B-950A-EDBA5A159722}
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
    DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.37.7/ttinst.cab
    DPF: {C487F60B-59B9-47D9-BFDF-AB26786F8823} - hxxp://zone.msn.com/bingame/zpagames/zpa_stoo.cab62201.cab
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
    DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - c:\program files\microsoft activesync\AATP.DLL
    Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6253\SiteAdv.dll
    WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ============= SERVICES / DRIVERS ===============

    R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-1-17 214024]
    R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
    R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-8-1 359952]
    R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-1-17 144704]
    R2 RioPNP;RioPNP;c:\windows\system32\drivers\RioPnP.sys [2006-5-24 6736]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-1-17 79880]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-1-17 35272]
    S3 gel90xne;gel90xne;\??\c:\docume~1\mary\locals~1\temp\gel90xne.sys --> c:\docume~1\mary\locals~1\temp\gel90xne.sys [?]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-1-17 34216]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-1-17 40552]
    S3 RioDrv;Rio600 driver;c:\windows\system32\drivers\riodrv.sys [2002-8-29 12032]
    S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-1-17 606736]

    =============== Created Last 30 ================

    2009-09-03 09:19 <DIR> --d----- c:\windows\system32\dllcache\cache
    2009-09-03 08:51 <DIR> a-dshr-- C:\cmdcons
    2009-09-03 08:47 229,888 a------- c:\windows\PEV.exe
    2009-09-03 08:47 161,792 a------- c:\windows\SWREG.exe
    2009-09-03 08:47 98,816 a------- c:\windows\sed.exe
    2009-09-03 08:47 <DIR> --ds---- C:\ComboFix3
    2009-08-28 12:34 <DIR> --d----- c:\program files\Trend Micro
    2009-08-10 09:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Citrix
    2009-08-10 09:53 <DIR> --d----- c:\program files\Citrix
    2009-08-10 09:52 61,224 a------- c:\documents and settings\mary\GoToAssistDownloadHelper.exe
    2009-08-10 07:11 <DIR> --d----- c:\program files\Spybot - Search & Destroy162-8-10-2009
    2009-08-07 01:35 <DIR> --d----- c:\windows\system32\XPSViewer
    2009-08-07 01:33 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-08-07 01:33 575,488 -------- c:\windows\system32\xpsshhdr.dll
    2009-08-07 01:33 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-08-07 01:33 117,760 -------- c:\windows\system32\prntvpt.dll
    2009-08-07 01:33 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-08-07 01:33 <DIR> --d----- C:\6ac41002c281cabaddbad3
    2009-08-07 01:33 1,676,288 -------- c:\windows\system32\xpssvcs.dll
    2009-08-07 01:33 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
    2009-08-07 01:27 <DIR> --d----- c:\program files\MSXML 6.0
    2009-08-06 21:24 <DIR> --d-h--- c:\windows\system32\GroupPolicy
    2009-08-05 09:35 <DIR> --d----- c:\docume~1\mary\applic~1\BitZipper
    2009-08-05 09:35 <DIR> --d----- c:\program files\BitZipper
    2009-08-04 17:02 <DIR> --d----- c:\windows\system32\CatRoot

    ==================== Find3M ====================

    2009-08-26 08:11 77,688 a------- c:\docume~1\mary\applic~1\GDIPFONTCACHEV1.DAT
    2009-08-05 04:11 204,800 a------- c:\windows\system32\mswebdvd.dll
    2009-08-05 04:11 204,800 a------- c:\windows\system32\dllcache\mswebdvd.dll
    2009-07-13 23:43 10,841,088 a------- c:\windows\system32\dllcache\wmp.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\dllcache\wmpdxm.dll
    2009-06-16 09:55 119,808 a------- c:\windows\system32\t2embed.dll
    2009-06-16 09:55 119,808 a------- c:\windows\system32\dllcache\t2embed.dll
    2009-06-16 09:55 82,432 a------- c:\windows\system32\fontsub.dll
    2009-06-16 09:55 82,432 a------- c:\windows\system32\dllcache\fontsub.dll
    2009-06-12 06:50 80,896 a------- c:\windows\system32\tlntsess.exe
    2009-06-12 06:50 80,896 a------- c:\windows\system32\dllcache\tlntsess.exe
    2009-06-12 06:50 76,288 a------- c:\windows\system32\telnet.exe
    2009-06-12 06:50 76,288 a------- c:\windows\system32\dllcache\telnet.exe

    ============= FINISH: 10:11:48.48 ===============

  7. #47
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Here's the dds attach log:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-07-30.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 7/18/2003 3:48:23 PM
    System Uptime: 9/3/2009 9:10:58 AM (1 hours ago)

    Motherboard: Dell Computer Corp. | | 02Y832
    Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | Microprocessor | 2394/533mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 74 GiB total, 49.034 GiB free.
    D: is CDROM ()
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP2063: 9/1/2009 2:26:54 PM - Software Distribution Service 3.0
    RP2064: 9/1/2009 5:11:06 PM - Software Distribution Service 3.0
    RP2065: 9/1/2009 7:31:21 PM - Software Distribution Service 3.0
    RP2066: 9/2/2009 5:59:40 PM - Software Distribution Service 3.0
    RP2067: 9/2/2009 10:36:18 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    Abacast Distributed Live

    ==== Event Viewer Messages From Past Week ========

    9/3/2009 9:13:29 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
    9/1/2009 2:25:35 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000003A' while processing the file '{29F8DDC1- .. C3C1298FF}' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
    8/31/2009 8:40:35 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WindowsShell.Manifest. Reference error message: The operation completed successfully. .
    8/31/2009 7:03:37 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.mui. Reference error message: Insufficient system resources exist to complete the requested service. .
    8/31/2009 6:20:02 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 240 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    8/31/2009 4:19:59 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    8/31/2009 3:19:59 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    8/31/2009 2:49:58 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    8/31/2009 2:34:42 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    8/31/2009 2:29:32 PM, error: nv [108] - The driver nv4_disp for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
    8/31/2009 2:13:00 PM, error: Srv [2019] - The server was unable to allocate from the system nonpaged pool because the pool was empty.
    8/31/2009 2:10:01 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000009A' while processing the file 'mcnasvc000.log' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
    8/31/2009 2:08:02 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls. Reference error message: Insufficient system resources exist to complete the requested service. .
    8/31/2009 2:08:02 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\WININET.dll. Reference error message: The operation completed successfully. .

    ==== End Of File ===========================

  8. #48
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Are you familiar with these folders:
    c:\program files\Marysafetynet1
    c:\program files\fixthisthing


    Installed programs list is pretty incomplete looking. Let's see if we have success in producing another with HijackThis.

    Generate an Uninstall List

    * Open HijackThis
    * Click on Open Misc Tools Section
    * Click on Open Uninstall Manager
    * Click on Save list
    * Save it to your Desktop
    * Post it on your next reply.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  9. #49
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Yes, I am familiar with both folders. When I began the process with email help, we were trying to run different programs such as runalyzer to run and I had to rename things to see if that would get them to run. It didn't work, usually.


    I'll try Hijack this now.

  10. #50
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    This is a seriously short list but here it is...

    HijackThis 2.0.2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •