Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ie Pop-ups, Trojan, Spyware/adware, Vundo


  • Please log in to reply
20 replies to this topic

#1 I_Hate_Viruses

I_Hate_Viruses

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 07 May 2007 - 05:26 PM

So I've done the steps that was given to me and I downloaded scans and such. I still have the problems, not much of the IE pop-ups. I keep getting the C:\Windows\system32\cmd.exe thing popping up. Also, McAffee keeps popping up about generic.dx, genericspy.b, and vundo.dll has been dectected. Here is my HijackThis Log.....


Logfile of HijackThis v1.99.1
Scan saved at 6:19:30 PM, on 5/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\AOL\1128475720\ee\AOLSoftware.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Verizon Online\Support Center\bin\mpbtn.exe
c:\program files\common files\aol\1128475720\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1128475720\ee\aolsoftware.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1128475720\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu1000272.exe 61A847B5BBF72813329B385475FB01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKLM\..\Run: [SManager] smanager.7.exe
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\pwndhlwt.dll",realset
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Broadband Support Center.lnk = C:\Program Files\Verizon Online\Support Center\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/trydiner...h2.1.0.0.67.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1111975828213
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1143404524843
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab45837.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://aolsvc.aol.com/onlinegames/free-tri...tg.1.0.0.33.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.87.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/bejewele...aploader_v7.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\perfc000.dat
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

BC AdBot (Login to Remove)

 


m

#2 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:10:41 AM

Posted 08 May 2007 - 12:09 AM

Please download the following to the Desktop:
VundoFix.exe
* Double-click VundoFix.exe to run it
* Click: Scan for Vundo
* Once done scanning, click: Remove Vundo
* A prompt asking if you want to remove the files appears, click: Yes
* The Desktop goes blank as it starts removing Vundo.
* When completed, a prompt to shutdown the computer appears, click OK
* Turn the computer back on.

A log is created and found in C:\vundofix.txt

~~~~
Run HijackThis, Scan
Check box for (if entry is still present):

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu1000272.exe 61A847B5BBF72813329B385475FB01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKLM\..\Run: [SManager] smanager.7.exe
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\pwndhlwt.dll",realest

O20 - AppInit_DLLs: C:\WINDOWS\system32\perfc000.dat

Select: Fix checked

~~~~
Copy all the files in blue below (CTRL+C) and paste (CTRL+V) them to Notepad
(Start > Programs > Accessories > Notepad):

C:\WINDOWS\retadpu1000272.exe 61A847B5BBF72813329B385475FB01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
C:\WINDOWS\smanager.7.exe
C:\WINDOWS\pwndhlwt.dll
C:\WINDOWS\system32\pwndhlwt.dll
C:\WINDOWS\system32\perfc000.dat


Next, download Killbox:
http://www.downloads.subratam.org/KillBox.zip
Place it in a folder on the Desktop.
Extract Pocket KillBox from the zip file
Double-click on the red circle with white X to run it.

At the main screen of KillBox, select the option: Delete on Reboot
Open the Notepad file saved earlier and copy the files to the clipboard
(Highlight all (Ctrl+A) and Copy (Ctrl + C).

In Killbox, go to the File menu, and choose: Paste from Clipboard
Then select: All Files (button)
Now, press the button with a red circle and a white X (Delete File button)
KillBox will alert you the files will be deleted on next reboot, click Yes
When asked to Reboot, select Yes

Click OK at any PendingFileRenameOperations prompt, and let us know if you receive this message.

Also, if the computer does not restart automatically, please restart it manually.

~~~~
Next, download SuperAntiSpyware Home Edition Free Version
http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE
Install the program

Run SuperAntiSpyware and click: Check for updates
Once the update is finished, on the main screen, click: Scan your computer
Check: Perform Complete Scan
Click Next to start the scan.

Superantispyware scans the computer, and when finished, lists all the infections found.
Make sure everything found has a check next to it, and press: Next
Click Finish

It is possible that the program asks to reboot in order to delete some files.

Obtain the SuperAntiSpyware log as follows:
Click: Preferences
Click the Statistics/Logs tab
Under Scanner Logs, double-click SuperAntiSpyware Scan Log
It opens in your default text editor (such as Notepad)
Save the report to post in your reply.

~~~~
Download ComboFix (by sUBs):

http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe

Save it to the Desktop.
Double-click combofix.exe and follow the prompts.

CAUTION: Do not mouse-click ComboFix's window while it is running.
It may cause it to stall.

When finished, it produces a log.

~~~~
Please provide the following in your reply:
The C:\vundofix.txt
The SuperAntiSpyware log
The ComboFix log
A new HijackThis log

Old duck...


#3 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 08 May 2007 - 09:53 PM

Here's those logs...


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 2:56:44 AM 5/6/2007

Listing files found while scanning....


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 1:25:57 AM 5/7/2007

Listing files found while scanning....


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 10:52:27 AM 5/7/2007

Listing files found while scanning....

C:\WINDOWS\system32\lnnmp.bak1
C:\WINDOWS\system32\lnnmp.bak2
C:\WINDOWS\system32\lnnmp.ini
C:\WINDOWS\system32\ovmmhkjs.dll
C:\WINDOWS\system32\pmnnl.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\lnnmp.bak1
C:\WINDOWS\system32\lnnmp.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lnnmp.bak2
C:\WINDOWS\system32\lnnmp.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lnnmp.ini
C:\WINDOWS\system32\lnnmp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnnl.dll
C:\WINDOWS\system32\pmnnl.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 9:54:19 AM 5/8/2007

Listing files found while scanning....


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 9:55:45 AM 5/8/2007

Listing files found while scanning....

C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\mljji.dll
C:\WINDOWS\system32\oghqrkpv.dll
C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\mljji.dll
C:\WINDOWS\system32\oghqrkpv.dll
C:\WINDOWS\system32\ssttt.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ihhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkhhi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oghqrkpv.dll
C:\WINDOWS\system32\oghqrkpv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\ssttt.dll Has been deleted!

Performing Repairs to the registry.
Done!


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/08/2007 at 09:24 PM

Application Version : 3.7.1018

Core Rules Database Version : 3233
Trace Rules Database Version: 1244

Scan type : Complete Scan
Total Scan Time : 01:31:43

Memory items scanned : 497
Memory threats detected : 3
Registry items scanned : 5326
Registry threats detected : 52
File items scanned : 47166
File threats detected : 79

Adware.Vundo Variant
C:\WINDOWS\SYSTEM32\DDCCC.DLL
C:\WINDOWS\SYSTEM32\DDCCC.DLL
HKLM\Software\Classes\CLSID\{BCDA1A12-286E-4690-8338-1418B742464C}
HKCR\CLSID\{BCDA1A12-286E-4690-8338-1418B742464C}
HKCR\CLSID\{BCDA1A12-286E-4690-8338-1418B742464C}\InprocServer32
HKCR\CLSID\{BCDA1A12-286E-4690-8338-1418B742464C}\InprocServer32#ThreadingModel
HKLM\Software\Classes\CLSID\{CB9C3047-916C-469F-B33D-0D7C38226247}
HKCR\CLSID\{CB9C3047-916C-469F-B33D-0D7C38226247}
HKCR\CLSID\{CB9C3047-916C-469F-B33D-0D7C38226247}\InprocServer32
HKCR\CLSID\{CB9C3047-916C-469F-B33D-0D7C38226247}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\MLJJI.DLL
HKLM\Software\Classes\CLSID\{D651AFF4-9590-424d-BD1E-8E33E090DFB3}
HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3}
HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3}\InprocServer32
HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\KABYPGXL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BCDA1A12-286E-4690-8338-1418B742464C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB9C3047-916C-469F-B33D-0D7C38226247}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D651AFF4-9590-424d-BD1E-8E33E090DFB3}
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\ddccc
HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3}

Trojan.Mezzia/Resident
C:\WINDOWS\SYSTEM32\WINMMT32.DLL
C:\WINDOWS\SYSTEM32\WINMMT32.DLL

Unclassified.Unknown Origin
C:\WINDOWS\SYSTEM32\CBXUVST.DLL
C:\WINDOWS\SYSTEM32\CBXUVST.DLL
HKLM\Software\Classes\CLSID\{D2692EE8-4795-44F4-A8FF-8FAC5D4FE947}
HKCR\CLSID\{D2692EE8-4795-44F4-A8FF-8FAC5D4FE947}
HKCR\CLSID\{D2692EE8-4795-44F4-A8FF-8FAC5D4FE947}\InprocServer32
HKCR\CLSID\{D2692EE8-4795-44F4-A8FF-8FAC5D4FE947}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2692EE8-4795-44F4-A8FF-8FAC5D4FE947}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{D2692EE8-4795-44F4-A8FF-8FAC5D4FE947}
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\cbxuvst
HKCR\CLSID\{D2692EE8-4795-44F4-A8FF-8FAC5D4FE947}
C:\WINDOWS\SYSTEM32\AWTUURQ.DLL
C:\WINDOWS\SYSTEM32\GEBCCDB.DLL
C:\WINDOWS\SYSTEM32\JKKKHED.DLL
C:\WINDOWS\SYSTEM32\MLJHECC.DLL
C:\WINDOWS\SYSTEM32\OPNOPQR.DLL
C:\WINDOWS\SYSTEM32\RQRRSQO.DLL
C:\WINDOWS\SYSTEM32\TUVUTQQ.DLL
C:\WINDOWS\SYSTEM32\XXYAWTU.DLL

Trojan.Downloader-CREW
HKLM\Software\Classes\CLSID\{6E642655-D835-4908-9575-9419BA645CF0}
HKCR\CLSID\{6E642655-D835-4908-9575-9419BA645CF0}
HKCR\CLSID\{6E642655-D835-4908-9575-9419BA645CF0}\InprocServer32
HKCR\CLSID\{6E642655-D835-4908-9575-9419BA645CF0}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\YLMGNOAV.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E642655-D835-4908-9575-9419BA645CF0}
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000182.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000183.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000184.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000185.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000186.DLL

Unclassified.Unknown Origin/System
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{034895A5-2275-492C-9279-0A70EA12B43E}
HKCR\CLSID\{034895A5-2275-492C-9279-0A70EA12B43E}
HKCR\CLSID\{034895A5-2275-492C-9279-0A70EA12B43E}\InprocServer32
HKCR\CLSID\{034895A5-2275-492C-9279-0A70EA12B43E}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\JKHHI.DLL

Trojan.WinFixer
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E734A22-0774-46BF-BB89-91303F861460}
HKCR\CLSID\{3E734A22-0774-46BF-BB89-91303F861460}
HKCR\CLSID\{3E734A22-0774-46BF-BB89-91303F861460}\InprocServer32
HKCR\CLSID\{3E734A22-0774-46BF-BB89-91303F861460}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\SSTTT.DLL
C:\WINDOWS\SYSTEM32\MLJGG.DLL

Trojan.Downloader-Win/GHY
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\winmmt32

Adware.Tracking Cookie
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@advertising[2].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@adopt.euroclick[2].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@azjmp[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@ar.atwola[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@cdn.euroclick[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@tribalfusion[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@precisionclick[2].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@doubleclick[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@mediaplex[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@fastclick[2].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@2o7[2].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@atdmt[2].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@tradedoubler[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@atwola[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@bs.serving-sys[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@overture[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@trafficmp[1].txt
C:\Documents and Settings\Stacy Wisniewski\Cookies\stacy_wisniewski@serving-sys[1].txt

Trojan.Unknown Origin
HKLM\SOFTWARE\Microsoft\MSSMGR
HKLM\SOFTWARE\Microsoft\MSSMGR#Brnd
HKLM\SOFTWARE\Microsoft\MSSMGR#BSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#SSTV
C:\DOCUMENTS AND SETTINGS\STACY WISNIEWSKI\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\P6SUN7NF\XC42[1].EXE
C:\DOCUMENTS AND SETTINGS\STACY WISNIEWSKI\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\R0EY4445\XC23[2].EXE
C:\DOCUMENTS AND SETTINGS\STACY WISNIEWSKI\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\X6E933NP\XC60[1].EXE
C:\WINDOWS\TEMP\WIN88.TMP.EXE
C:\WINDOWS\TEMP\WIN97.TMP.EXE
C:\WINDOWS\TEMP\WINB0.TMP.EXE
C:\WINDOWS\TEMP\WINC0.TMP.EXE
C:\WINDOWS\TEMP\WINC02.TMP.EXE
C:\WINDOWS\TEMP\WINC21.TMP.EXE
C:\WINDOWS\TEMP\WINC41.TMP.EXE
C:\WINDOWS\TEMP\WINC4C.TMP.EXE
C:\WINDOWS\TEMP\WINC8A.TMP.EXE
C:\WINDOWS\TEMP\WINCAD.TMP.EXE
C:\WINDOWS\TEMP\WINCC9.TMP.EXE
C:\WINDOWS\TEMP\WIND44.TMP
C:\WINDOWS\TEMP\WIND44.TMP.EXE
C:\WINDOWS\TEMP\WIND4D.TMP.EXE
C:\WINDOWS\TEMP\WIND52.TMP
C:\WINDOWS\TEMP\WIND54.TMP.EXE
C:\WINDOWS\TEMP\WINF60.TMP.EXE
C:\WINDOWS\Prefetch\WIN88.TMP.EXE-2B3C111A.pf
C:\WINDOWS\Prefetch\WIN97.TMP.EXE-11F81E77.pf
C:\WINDOWS\Prefetch\WINB0.TMP.EXE-369EAFF1.pf
C:\WINDOWS\Prefetch\WINC0.TMP.EXE-070BEB39.pf
C:\WINDOWS\Prefetch\WIND44.TMP.EXE-3ACDA20A.pf
C:\WINDOWS\Prefetch\WIND4D.TMP.EXE-06999193.pf
C:\WINDOWS\Prefetch\WIND54.TMP.EXE-10522EBE.pf
C:\WINDOWS\Prefetch\WINF60.TMP.EXE-33B3041A.pf

Adware.ClickSpring/Outer Info Network
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#HelpLink
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#InstallLocation
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayVersion

Trojan.Downloader-Gen/Mandingo
C:\DOCUMENTS AND SETTINGS\STACY WISNIEWSKI\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\KUY6E9A5\XC29[1].EXE

Adware.ClickSpring/Yazzle
C:\PROGRAM FILES\COMMON FILES\YAZZLE1162OINADMIN.EXE
C:\PROGRAM FILES\COMMON FILES\YAZZLE1162OINUNINSTALLER.EXE
C:\WINDOWS\PREFETCH\YAZZLE1162OINADMIN.EXE-2F553437.PF

Trojan.IERedirector
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000188.DLL

Trojan.Rootkit-TnCore
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000189.SYS

Trojan.ZenoSearch
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\A0000192.EXE

Trojan.Downloader-Gen/LIB
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\A0004294.DLL
C:\VUNDOFIX BACKUPS\OGHQRKPV.DLL.BAD

Trojan.Downloader-Gen/RetAd
C:\WINDOWS\RETADPU1000106.EXE

Trojan.Downloader-Gen/HardFall
C:\WINDOWS\SYSTEM32\JKKJKKH.DLL



ComboFix Log::::


"Stacy Wisniewski" - 2007-05-08 21:48:21 Service Pack 2
ComboFix 07-05.08.3.V - Running from: "C:\Documents and Settings\Stacy Wisniewski\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\jnjuhdte.dll
C:\WINDOWS\system32\mljjjji.dll
C:\WINDOWS\system32\winmmt32.dll
C:\WINDOWS\system32\etdhujnj.ini
C:\WINDOWS\system32\cbxuvst.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\dinerdash.exe
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\playfirst_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\strings.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\customer_cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\heart.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\menu_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\menu_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\plates.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\ticket.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\tray.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_diner.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_rollover_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\choosedifficulty.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\credits.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\flo_lose.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\flo_win.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\help1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\help2.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\highscores.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelintro.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelintro_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelover.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelover_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\popup.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\popup_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\upgradegrid.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\upgradetitle.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\upsell.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowleft_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowleft_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowright_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowright_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backchalk.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backchalkup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backtomenu_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backtomenu_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\back_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\back_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\cancel.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\cancelup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\career.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\career_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\close.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\closeup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\continue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\continueover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\credits_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\credits_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\download_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\download_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\easy.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\easy_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\endlessshift.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\endlessshift_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\hard.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\hard_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\help.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\help_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\highscores.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\highscores_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\instructions_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\instructions_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\letsplay.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\letsplayover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\medium.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\medium_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\moreinfo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\moreinfoup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\off.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\off_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\on_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\pause.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\pauseover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quitgame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quitgameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quitover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\resumegame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\resumegameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\submit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\submitup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\tryagain.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\tryagainover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\upgrade_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\upgrade_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewglobal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewglobalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewhighscore.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewhighscoreon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewlocal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewlocalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\comics\webcomic.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\career.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\customer.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\endless.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\global.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\powerups.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cook\cook.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cook\cook.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cook\stove.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\arrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\click.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\click2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\grab.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\open.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\yellow\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\yellow\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\idle.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\idle.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\lower.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\lower.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\upper.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\upper.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\fonts\arial.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\fonts\komikaaxis.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\chair.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\chair.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dirt2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dirt4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dishcart.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dishcart.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\drinkstation_off.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\drinkstation_on1.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\drinkstation_on2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\ticketstation.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\ticketstation.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowdown.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowdownon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowleft.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowlefton.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowright.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowrighton.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowupon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\p1icon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\textedit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\title.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_d.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_d.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\fifth_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\first_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\fourth_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\second_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\tableshadow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\background.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\upgrades.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\frames\upgrade_0001.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\choosedifficulty.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\chooseplayer.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\chooserestaurant.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\credits.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\game.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\gothighscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\help.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\help2.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\hiscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\levelintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\levelover.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\loading.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\mainloop.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\mainmenu.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\ok.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\pause.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\style.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\tutorialintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\upgrade.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\upsell.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\webcomic.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\yesno.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\splash\aol_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\splash\gamelabsplash.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\splash\playfirst_logo.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\angersmoke.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\angersmoke.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\chairflags.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\chairflags.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\check.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\checkmark.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\clock.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\closed.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\closingtime.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\coinflip.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\coinflip.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\dollar.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\expert.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\expertscore.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\foodpoof.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\foodpoof.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\fork_timer.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\goalcompleted.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\heartgrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\heartgrow.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\jar.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\jar.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\level.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\level_career.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\score.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\sound.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\staroff.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\staron.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tablenumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tablenumberup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\traynumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tutorialarrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tutorialbox.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tutorial_character.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgradeanim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgradeanim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\doodles\coffee.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\doodles\tables.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\doodles\wallpaper.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\drinks.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\maitred.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\oven.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\select.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\shoes.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\stereo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\table.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\dinerdash.exe
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\playfirst_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\strings.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\customer_cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\heart.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\menu_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\menu_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\plates.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\ticket.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\tray.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_diner.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_rollover_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\choosedifficulty.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\credits.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\flo_lose.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\flo_win.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\help1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\help2.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\highscores.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelintro.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelintro_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelover.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelover_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\popup.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\popup_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\upgradegrid.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\upgradetitle.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\upsell.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowleft_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowleft_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowright_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowright_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backchalk.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backchalkup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backtomenu_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backtomenu_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\back_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\back_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\cancel.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\cancelup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\career.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\career_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\close.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\closeup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\continue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\continueover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\credits_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\credits_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\download_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\download_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\easy.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\easy_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\endlessshift.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\endlessshift_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\hard.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\hard_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\help.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\help_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\highscores.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\highscores_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\instructions_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\instructions_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\letsplay.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\letsplayover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\medium.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\medium_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\moreinfo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\moreinfoup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\off.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\off_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\on_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\pause.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\pauseover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quitgame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quitgameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quitover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\resumegame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\resumegameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\submit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\submitup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\tryagain.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\tryagainover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\upgrade_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\upgrade_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewglobal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewglobalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewhighscore.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewhighscoreon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewlocal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewlocalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\comics\webcomic.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\career.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\customer.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\endless.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\global.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\powerups.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cook\cook.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cook\cook.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cook\stove.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\arrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\click.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\click2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\grab.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\open.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\yellow\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\yellow\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\yellow\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.&#

#4 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:10:41 AM

Posted 08 May 2007 - 09:58 PM

That took care of some load!!

Please continue and post the entire contents of the ComboFix report, even if it takes two consecutive jposts to do so.

Also post a new HijackThis log.

Old duck...


#5 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 08 May 2007 - 09:59 PM

I see that the last 2 logs didn't fit so here they are:

"Stacy Wisniewski" - 2007-05-08 21:48:21 Service Pack 2
ComboFix 07-05.08.3.V - Running from: "C:\Documents and Settings\Stacy Wisniewski\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\jnjuhdte.dll
C:\WINDOWS\system32\mljjjji.dll
C:\WINDOWS\system32\winmmt32.dll
C:\WINDOWS\system32\etdhujnj.ini
C:\WINDOWS\system32\cbxuvst.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\dinerdash.exe
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\playfirst_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\strings.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\customer_cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\heart.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\menu_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\menu_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\plates.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\ticket.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\accessories\tray.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_diner.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_rollover_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\choosedifficulty.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\credits.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\flo_lose.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\flo_win.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\help1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\help2.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\highscores.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelintro.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelintro_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelover.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\levelover_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\popup.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\popup_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\upgradegrid.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\upgradetitle.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\backgrounds\upsell.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowleft_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowleft_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowright_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\arrowright_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backchalk.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backchalkup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backtomenu_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\backtomenu_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\back_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\back_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\cancel.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\cancelup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\career.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\career_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\close.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\closeup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\continue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\continueover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\credits_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\credits_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\download_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\download_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\easy.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\easy_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\endlessshift.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\endlessshift_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\hard.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\hard_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\help.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\help_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\highscores.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\highscores_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\instructions_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\instructions_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\letsplay.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\letsplayover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\medium.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\medium_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\moreinfo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\moreinfoup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\off.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\off_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\on_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\pause.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\pauseover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quitgame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quitgameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\quitover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\resumegame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\resumegameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\submit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\submitup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\tryagain.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\tryagainover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\upgrade_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\upgrade_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewglobal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewglobalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewhighscore.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewhighscoreon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewlocal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\buttons\viewlocalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\comics\webcomic.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\career.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\customer.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\endless.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\global.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\config\powerups.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cook\cook.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cook\cook.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cook\stove.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\arrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\click.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\click2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\grab.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\cursor\open.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\old_male\yellow\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\customers\young_female\yellow\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\idle.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\idle.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\lower.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\lower.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\upper.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\flo\upper.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\fonts\arial.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\fonts\komikaaxis.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\chair.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\chair.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dirt2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dirt4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dishcart.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\dishcart.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\drinkstation_off.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\drinkstation_on1.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\drinkstation_on2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\ticketstation.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\furniture\ticketstation.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowdown.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowdownon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowleft.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowlefton.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowright.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowrighton.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\arrowupon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\p1icon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\textedit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\hiscore\title.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_1_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_2_d.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\endless_1_3_d.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\fifth_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\first_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\fourth_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\layouts\second_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\tableshadow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\background.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\upgrades.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\frames\upgrade_0001.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\choosedifficulty.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\chooseplayer.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\chooserestaurant.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\credits.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\game.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\gothighscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\help.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\help2.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\hiscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\levelintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\levelover.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\loading.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\mainloop.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\mainmenu.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\ok.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\pause.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\style.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\tutorialintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\upgrade.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\upsell.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\webcomic.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\scripts\yesno.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\splash\aol_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\splash\gamelabsplash.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\splash\playfirst_logo.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\angersmoke.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\angersmoke.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\chairflags.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\chairflags.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\check.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\checkmark.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\clock.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\closed.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\closingtime.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\coinflip.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\coinflip.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\dollar.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\expert.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\expertscore.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\foodpoof.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\foodpoof.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\fork_timer.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\goalcompleted.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\heartgrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\heartgrow.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\jar.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\jar.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\level.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\level_career.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\score.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\sound.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\staroff.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\staron.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tablenumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tablenumberup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\traynumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tutorialarrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tutorialbox.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\tutorial_character.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgradeanim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgradeanim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\doodles\coffee.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\doodles\tables.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\doodles\wallpaper.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\drinks.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\maitred.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\oven.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\select.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\shoes.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\stereo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72\assets\ui\upgrades\table.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\dinerdash.exe
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\playfirst_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\strings.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\customer_cup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\heart.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\menu_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\menu_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\plates.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\ticket.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\accessories\tray.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_diner.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_rollover_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\choosedifficulty.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\credits.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\flo_lose.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\flo_win.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\help1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\help2.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\highscores.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelintro.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelintro_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelover.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\levelover_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\popup.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\popup_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\upgradegrid.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\upgradetitle.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\backgrounds\upsell.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowleft_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowleft_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowright_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\arrowright_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backchalk.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backchalkup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backtomenu_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\backtomenu_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\back_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\back_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\cancel.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\cancelup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\career.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\career_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\close.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\closeup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\continue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\continueover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\credits_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\credits_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\download_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\download_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\easy.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\easy_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\endlessshift.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\endlessshift_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\hard.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\hard_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\help.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\help_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\highscores.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\highscores_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\instructions_blue.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\instructions_yellow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\letsplay.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\letsplayover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\medium.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\medium_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\moreinfo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\moreinfoup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\off.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\off_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\on_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\pause.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\pauseover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quitgame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quitgameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\quitover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\resumegame.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\resumegameover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\submit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\submitup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\tryagain.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\tryagainover.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\upgrade_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\upgrade_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewglobal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewglobalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewhighscore.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewhighscoreon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewlocal.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\buttons\viewlocalup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\comics\webcomic.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\career.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\customer.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\endless.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\global.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\config\powerups.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cook\cook.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cook\cook.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cook\stove.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\arrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\click.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\click2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\grab.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\cursor\open.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\yellow\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\yellow\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\old_male\yellow\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\blue\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\blue\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\blue\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\green\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\green\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\green\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\purple\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\purple\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\purple\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\red\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\red\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\red\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\yellow\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\yellow\anim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\customers\young_female\yellow\sit_legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\flo\idle.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\flo\idle.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\flo\lower.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\flo\lower.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\flo\upper.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\flo\upper.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\fonts\arial.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\fonts\komikaaxis.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\chair.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\chair.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\dirt2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\dirt4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\dishcart.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\dishcart.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\drinkstation_off.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\drinkstation_on1.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\drinkstation_on2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\ticketstation.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\furniture\ticketstation.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowdown.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowdownon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowleft.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowlefton.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowright.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowrighton.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\arrowupon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\p1icon.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\textedit.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\hiscore\title.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_1.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_1_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_1_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_1_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_2.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_2_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_2_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_2_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_2_d.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_3.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_3_a.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_3_b.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_3_c.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\endless_1_3_d.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\fifth_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\first_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\fourth_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\layouts\second_level_diner.txt
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\tableshadow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\background.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\upgrades.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\food\food1.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\food\food1.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\food\food2.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\food\food2.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\food\food3.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\food\food3.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\frames\upgrade_0001.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\tables\2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\tables\2top.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\tables\4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\restaurants\diner\tables\4top.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\choosedifficulty.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\chooseplayer.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\chooserestaurant.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\credits.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\game.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\gothighscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\help.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\help2.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\hiscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\levelintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\levelover.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\loading.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\mainloop.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\mainmenu.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\ok.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\pause.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\style.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\tutorialintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\upgrade.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\upsell.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\webcomic.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\scripts\yesno.lua
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\splash\aol_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\splash\gamelabsplash.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\splash\playfirst_logo.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\angersmoke.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\angersmoke.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\chairflags.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\chairflags.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\check.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\checkmark.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\clock.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\closed.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\closingtime.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\coinflip.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\coinflip.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\dollar.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\expert.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\expertscore.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\foodpoof.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\foodpoof.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\fork_timer.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\goalcompleted.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\heartgrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\heartgrow.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\jar.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\jar.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\level.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\level_career.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\score.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\sound.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\staroff.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\staron.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\tablenumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\tablenumberup.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\traynumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\tutorialarrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\tutorialbox.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\tutorial_character.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgradeanim.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgradeanim.xml
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\doodles\coffee.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\doodles\tables.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\doodles\wallpaper.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgrades\drinks.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgrades\maitred.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgrades\oven.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgrades\select.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgrades\shoes.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgrades\stereo.png
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87\assets\ui\upgrades\table.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\dinerdash2.exe
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\playfirstlogo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\strings.xml
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\dirty_dishes.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\foodtray.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\heart1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\heart2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\heart3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\menu_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\menu_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\mop_prop.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\ticket.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a3.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a4.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\baby_cry.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\chef_cook1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\closing_time.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\customer_ditch.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.

#6 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 08 May 2007 - 10:01 PM

The combo post wont put all of it on there!!! Ugh!

#7 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 08 May 2007 - 10:04 PM

C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_down.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_up.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\drink_table.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\expert.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_deliver.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_pickup.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\keystroke2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\level_lose.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\level_win.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\menu_click.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\menu_rollover.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\mop_pickup.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\mop_spill.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dropoff_drinks_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_menu_down.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\spill.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\table_drink.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\tip_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\flo_lose.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\flo_win.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\fullscreendialog.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\high_score_menu_bg.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\levelover.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\popup.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\popup.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\textfield.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\upgrade_lines.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowdown_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowdown_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowdown_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowup_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowup_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowup_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\decor_highlight.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\decor_normal.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\decor_selected.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\left_arrow_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\left_arrow_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\left_arrow_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\map_button_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\map_button_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\map_button_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\right_arrow_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\right_arrow_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\right_arrow_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\upgrade_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\upgrade_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\upgrade_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\welcome_player.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\actionpoints.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\career.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\customer.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\endless.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\global.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\powerups.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cook\stove.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\arrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\click.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\click2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\grab.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\open.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_baby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\red_baby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\idle.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\idle.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\lower.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\lower.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\upper.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\upper.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\fonts\mercurius.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\bench.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\bench.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\blue_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\chair.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\chair.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dirt2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dirt4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dishcart.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dishcart.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\green_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\mop_station_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\mop_station_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\mop_station_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\podium.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\podium_heart.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\podium_heart.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\purple_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\radio.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\red_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\spill.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\spill.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\stereo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\ticketstation.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\ticketstation.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\yellow_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\family.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_colormatch1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_colormatch2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_noise.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_score.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_cleardishes.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_givecheck.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_pickupfood.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_servefood.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_takeorder.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help_dividerline.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\hiscore\local-hs-bb.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\hiscore\p1icon.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_1.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_2.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_3.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_4.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_5.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_6.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_a.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_b.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_c.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\tableshadow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\background.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrades.xml
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\grey.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\cup1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_0.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\props\cup_prop1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\careerupgrade.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\choosedifficulty.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\closeconfirm.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\entername.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\game.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\getmoregames.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\help1.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\help2.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\hiscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\levelintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\levelover.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\loading.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\mainloop.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\mainmenu.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\ok.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\pause.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\style.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\upgrade.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\upsell.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\yesno.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\splash\aol_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\splash\playfirst_logo.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\angersmoke.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\angersmoke.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\chairflags.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\chairflags.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\check.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\checkmark.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\closed.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\coinflip.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\coinflip.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\decor_lines.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\dollar.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\expert.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\foodpoof.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\foodpoof.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\heartgrow.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\heartgrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\jar.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\jar.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\lives_icon.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\noisering.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tablenumber_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tablenumber_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\traynumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tutorialarrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tutorialbox.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_base.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_hand.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_timer_off.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_timer_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgradeanim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\bubbles\request_bubble.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\bubbles\request_mop.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\bubbles\request_rejectmeal.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_d.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_e.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_f.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd2.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd3.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd4.jpg
C:\DOCUME~1\STACYW~1\Desktop.\internet explorer.lnk
C:\install.log
C:\WINDOWS\hosts
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.72
C:\WINDOWS\DOWNLO~1.\DinerDash.1.0.0.87
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_CORE
-------\LEGACY_IPRIP
-------\core


((((((((((((((((((((((((((((((( Files Created from 2007-04-08 to 2007-05-08 ))))))))))))))))))))))))))))))))))


2007-05-08 21:49 40,183 ---hs---- C:\Program Files\Common Files\Yazzle1162OinUninstaller.exe
2007-05-08 19:25 <DIR> d-------- C:\!KillBox
2007-05-08 19:18 1,472,550 ---hs---- C:\WINDOWS\system32\cccdd.bak1
2007-05-07 23:13 1,471,727 ---hs---- C:\WINDOWS\system32\tttss.bak1
2007-05-07 17:14 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-05-07 17:13 1,471,727 ---hs---- C:\WINDOWS\system32\ijjlm.bak1
2007-05-07 15:16 <DIR> d-------- C:\DOCUME~1\DAWNWI~1\APPLIC~1\SUPERAntiSpyware.com
2007-05-07 15:12 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-05-07 15:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-05-07 15:00 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-05-07 15:00 <DIR> d-------- C:\DOCUME~1\STACYW~1\APPLIC~1\SUPERAntiSpyware.com
2007-05-07 14:26 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2007-05-07 01:39 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-05-07 01:38 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-05-07 01:35 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-05-07 01:35 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-05-07 01:33 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-05-06 23:06 <DIR> d-------- C:\DOCUME~1\STACYW~1\APPLIC~1\Google
2007-05-06 23:00 <DIR> d-------- C:\Program Files\Google
2007-05-06 23:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-05-06 21:51 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-05-06 21:44 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2007-05-06 18:12 <DIR> d-------- C:\DOCUME~1\STACYW~1\.housecall6.6
2007-05-06 15:02 8,464 --a------ C:\WINDOWS\system32\sporder.dll
2007-05-06 13:41 <DIR> d-------- C:\DOCUME~1\STACYW~1\APPLIC~1\Lavasoft
2007-05-06 13:39 <DIR> d-------- C:\Program Files\Lavasoft
2007-05-06 13:37 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-05-06 12:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-05-06 02:56 <DIR> d-------- C:\VundoFix Backups
2007-05-06 01:32 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-05-06 01:31 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007
2007-05-06 00:57 132,660 --a------ C:\WINDOWS\system32\tmbvweba.dll.ren
2007-05-06 00:57 1,463,064 --a------ C:\WINDOWS\system32\abewvbmt.ini.ren
2007-05-06 00:50 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-05-06 00:48 <DIR> d-------- C:\DOCUME~1\STACYW~1\APPLIC~1\Simply Super Software
2007-05-06 00:43 4,872,304 --a------ C:\Program Files\trsetup.exe
2007-05-05 22:38 132,660 --a------ C:\WINDOWS\system32\ymuwdpjo.dll.ren
2007-05-05 22:38 1,463,099 --a------ C:\WINDOWS\system32\ojpdwumy.ini.ren
2007-05-05 22:35 1,464,199 --a------ C:\WINDOWS\system32\lnnmp.bak1.ren
2007-05-05 22:33 1,465,551 --ahs---- C:\WINDOWS\system32\lnnmp.ini.ren
2007-05-05 12:10 <DIR> d-------- C:\Temp\tn3
2007-05-05 12:09 498,483 --a------ C:\Temp\gorPUS.exe
2007-05-05 12:09 14,918 --a------ C:\WINDOWS\141x.exe
2007-05-05 12:09 <DIR> d-------- C:\WINDOWS\system32\smpi1
2007-05-05 12:09 <DIR> d-------- C:\Temp\17O7
2007-05-05 12:09 <DIR> d-------- C:\Temp
2007-05-01 11:35 146,432 ---hs---- C:\Program Files\Common Files\Yazzle1162OinAdmin.exe
2007-04-13 10:44 <DIR> d-------- C:\DOCUME~1\Scott\APPLIC~1\MySpace


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-07 03:37:16 -------- d-----w C:\Program Files\America Online 9.0
2007-05-07 03:37:13 -------- d-----w C:\Program Files\QuickTime
2007-05-07 03:37:12 -------- d-----w C:\Program Files\Dell AIO Printer A920
2007-05-07 01:17:13 -------- d-----w C:\Program Files\Microsoft Picture It! 2002
2007-04-20 23:36:30 -------- d-----w C:\Program Files\Motorola
2007-04-03 21:05:50 -------- d-----w C:\Program Files\MySpace
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
2007-03-04 01:05:32 67,480 ----a-w C:\Program Files\MySpaceIM_Setup.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
"{3E1500AC-87A5-416b-A211-82E848649DA9}"="C:\PROGRA~1\Ofb11\Ofb11.dll" [x]
"{53707962-6F74-2D53-2644-206D7942484F}"="C:\PROGRA~1\SPYBOT~1\SDHelper.dll"
"{5CA3D70E-1895-11CF-8E15-001234567890}"="C:\WINDOWS\system32\dla\tfswshx.dll"
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"="C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll"
"{BCDA1A12-286E-4690-8338-1418B742464C}"="C:\WINDOWS\system32\ddccc.dll" [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"DellTouch"="C:\\WINDOWS\\DELLMMKB.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"WorksFUD"="C:\\Program Files\\Microsoft Works\\wkfud.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"REGSHAVE"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
"Dell AIO Printer A920"="\"C:\\Program Files\\Dell AIO Printer A920\\dlbkbmgr.exe\""
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1128475720\\ee\\AOLSoftware.exe"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"Motive SmartBridge"="C:\\PROGRA~1\\VERIZO~1\\SUPPOR~1\\SMARTB~1\\MotiveSB.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"SManager"="smanager.7.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"AOL Fast Start"="\"C:\\Program Files\\America Online 9.0\\AOL.EXE\" -b"
@=""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Program Files\SUPERAntiSpyware\SASSEH.DLL"


HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccc
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljji
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnlj

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages msv1_0\0\0
Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages scecli\0\0




[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService DnsCache\0\0
rpcss RpcSs\0\0
imgsvc StiSvc\0\0
termsvcs TermService\0\0
HTTPFilter HTTPFilter\0\0
DcomLaunch DcomLaunch\0TermService\0\0
WudfServiceGroup WUDFSvc\0\0

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (FAMILY-Stacy Wisniewski).job
C:\WINDOWS\tasks\McAfee.com Update Check (FAMILY-Dawn Wisniewski).job
C:\WINDOWS\tasks\McAfee.com Update Check (FAMILY-Duane Wisniewski).job
C:\WINDOWS\tasks\McAfee.com Update Check (FAMILY-Scott).job
C:\WINDOWS\tasks\McAfee.com Update Check (FAMILY-Stacy Wisniewski).job
C:\WINDOWS\tasks\Symantec NetDetect.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-08 22:24:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 2007-05-08 22:28:57 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-05-08 22:28


Hijack This Log:

Logfile of HijackThis v1.99.1
Scan saved at 10:49:16 PM, on 5/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\1128475720\ee\AOLSoftware.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\Verizon Online\Support Center\bin\mpbtn.exe
c:\program files\common files\aol\1128475720\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1128475720\ee\aolsoftware.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Microsoft Works\MSWorks.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ofb1 - {3E1500AC-87A5-416b-A211-82E848649DA9} - C:\PROGRA~1\Ofb11\Ofb11.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BCDA1A12-286E-4690-8338-1418B742464C} - C:\WINDOWS\system32\ddccc.dll (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1128475720\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SManager] smanager.7.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Broadband Support Center.lnk = C:\Program Files\Verizon Online\Support Center\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/trydiner...h2.1.0.0.67.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1111975828213
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1143404524843
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab45837.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://aolsvc.aol.com/onlinegames/free-tri...tg.1.0.0.33.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.c

#8 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:10:41 AM

Posted 08 May 2007 - 10:17 PM

The HijackThis log got chopped off this time! :thumbsup:

Old duck...


#9 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 08 May 2007 - 10:23 PM

:thumbsup: Here we go...lol


O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.87.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/bejewele...aploader_v7.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: ddccc - C:\WINDOWS\system32\ddccc.dll (file missing)
O20 - Winlogon Notify: mljji - C:\WINDOWS\system32\mljji.dll (file missing)
O20 - Winlogon Notify: pmnlj - C:\WINDOWS\system32\pmnlj.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#10 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:10:41 AM

Posted 09 May 2007 - 08:55 AM

Please run VundoFix once again. Looks as if it left some remnants.

~~~~
Next, run HijackThis, Scan
Check box for:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: ofb1 - {3E1500AC-87A5-416b-A211-82E848649DA9} - C:\PROGRA~1\Ofb11\Ofb11.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BCDA1A12-286E-4690-8338-1418B742464C} - C:\WINDOWS\system32\ddccc.dll (file missing)

O4 - HKLM\..\Run: [SManager] smanager.7.exe

O20 - Winlogon Notify: ddccc - C:\WINDOWS\system32\ddccc.dll (file missing)
O20 - Winlogon Notify: mljji - C:\WINDOWS\system32\mljji.dll (file missing)
O20 - Winlogon Notify: pmnlj - C:\WINDOWS\system32\pmnlj.dll (file missing)

Select: Fix checked

~~~~
Restart the computer.

~~~~
Run HijackThis and do another Scan to post its results in your reply.

~~~~
Please post the new VundoFix report, and also a new HijackThis log.

Old duck...


#11 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 09 May 2007 - 02:20 PM

VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 2:56:44 AM 5/6/2007

Listing files found while scanning....


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 1:25:57 AM 5/7/2007

Listing files found while scanning....


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 10:52:27 AM 5/7/2007

Listing files found while scanning....

C:\WINDOWS\system32\lnnmp.bak1
C:\WINDOWS\system32\lnnmp.bak2
C:\WINDOWS\system32\lnnmp.ini
C:\WINDOWS\system32\ovmmhkjs.dll
C:\WINDOWS\system32\pmnnl.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\lnnmp.bak1
C:\WINDOWS\system32\lnnmp.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lnnmp.bak2
C:\WINDOWS\system32\lnnmp.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lnnmp.ini
C:\WINDOWS\system32\lnnmp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnnl.dll
C:\WINDOWS\system32\pmnnl.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 9:54:19 AM 5/8/2007

Listing files found while scanning....


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 9:55:45 AM 5/8/2007

Listing files found while scanning....

C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\mljji.dll
C:\WINDOWS\system32\oghqrkpv.dll
C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\mljji.dll
C:\WINDOWS\system32\oghqrkpv.dll
C:\WINDOWS\system32\ssttt.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ihhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkhhi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oghqrkpv.dll
C:\WINDOWS\system32\oghqrkpv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\ssttt.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 11:48:29 AM 5/9/2007

Listing files found while scanning....

C:\WINDOWS\system32\cccdd.bak1
C:\WINDOWS\system32\cccdd.ini
C:\WINDOWS\system32\ddccc.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\cccdd.bak1
C:\WINDOWS\system32\cccdd.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\cccdd.ini
C:\WINDOWS\system32\cccdd.ini Has been deleted!

Performing Repairs to the registry.
Done!

Logfile of HijackThis v1.99.1
Scan saved at 3:14:33 PM, on 5/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\1128475720\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Verizon Online\Support Center\bin\mpbtn.exe
c:\program files\common files\aol\1128475720\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1128475720\ee\aolsoftware.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1128475720\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Broadband Support Center.lnk = C:\Program Files\Verizon Online\Support Center\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/trydiner...h2.1.0.0.67.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1111975828213
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1143404524843
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab45837.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://aolsvc.aol.com/onlinegames/free-tri...tg.1.0.0.33.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.87.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/bejewele...aploader_v7.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#12 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:10:41 AM

Posted 09 May 2007 - 05:52 PM

Please update your version of Java!
There are vulnerabilities in older versions.

Go to Start > Control Panel > Add/Remove Programs
In the list of Currently Installed Programs, look for all previous versions of Java:
J2SE Runtime Environment number x, etc.
Select the entry and then Remove

Next, download and install the newest version:
Java Runtime Environment (JRE) 6u1
http://java.sun.com/javase/downloads/index.jsp

~~~~
The HijackThis log looks fine. No apparent malware issues.

Are you still having malware problems?

Edited by Aaflac, 09 May 2007 - 05:55 PM.

Old duck...


#13 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 09 May 2007 - 06:26 PM

Well I'm not having the internet explorer pop-ups anymore (knock on wood) but I'm running Ad-Aware SE scan again to see if there is anything and there are a few things that it picked up. I'll post a log of it shortly when it is finished scanning.

#14 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 09 May 2007 - 07:00 PM

Here is the Ad-Aware Se log:

Ad-Aware SE Build 1.06r1
Logfile Created on:Wednesday, May 09, 2007 7:19:07 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R169 07.05.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Yazzle(TAC index:7):13 total references
MRU List(TAC index:0):40 total references
Tracking Cookie(TAC index:3):2 total references
Virtumonde(TAC index:10):10 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R169 07.05.2007
Internal build : 210
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 1157767 Bytes
Total size : 3819118 Bytes
Signature data size : 3778068 Bytes
Reference data size : 40538 Bytes
Signatures total : 98399
CSI Fingerprints total : 7107
CSI data size : 413856 Bytes
Target categories : 15
Target families : 1100


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:29 %
Total physical memory:260912 kb
Available physical memory:74220 kb
Total page file size:640732 kb
Available on page file:300468 kb
Total virtual memory:2097024 kb
Available virtual memory:1997528 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-9-2007 7:19:07 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Stacy Wisniewski\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Stacy Wisniewski\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\player\recenturllist
Description : list of recently used web addresses in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\player\settings
Description : last save as directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-19\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-20\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\office\10.0\clip organizer\search\last query
Description : last query in microsoft clip organizer


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\office\10.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\office\10.0\word\recent templates
Description : list of recent templates used by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : software\musicmatch
Description : download location of the musicmatch installer


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 440
ThreadCreationTime : 5-9-2007 10:04:06 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 488
ThreadCreationTime : 5-9-2007 10:04:07 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 512
ThreadCreationTime : 5-9-2007 10:04:08 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 556
ThreadCreationTime : 5-9-2007 10:04:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 568
ThreadCreationTime : 5-9-2007 10:04:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 740
ThreadCreationTime : 5-9-2007 10:04:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 788
ThreadCreationTime : 5-9-2007 10:04:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 852
ThreadCreationTime : 5-9-2007 10:04:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 912
ThreadCreationTime : 5-9-2007 10:04:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1020
ThreadCreationTime : 5-9-2007 10:04:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [lexbces.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1172
ThreadCreationTime : 5-9-2007 10:04:12 PM
BasePriority : Normal
FileVersion : 8.16
ProductVersion : 8.16
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : © 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LexBceS.exe

#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1196
ThreadCreationTime : 5-9-2007 10:04:12 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:13 [lexpps.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1204
ThreadCreationTime : 5-9-2007 10:04:12 PM
BasePriority : Normal
FileVersion : 8.16
ProductVersion : 8.16
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
LegalCopyright : © 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LEXPPS.EXE
Comments : MarkVision for Windows '95 New P2P Server (32-bit)

#:14 [nhksrv.exe]
FilePath : C:\WINDOWS\
ProcessID : 1368
ThreadCreationTime : 5-9-2007 10:04:19 PM
BasePriority : Normal


#:15 [aolacsd.exe]
FilePath : C:\Program Files\Common Files\AOL\ACS\
ProcessID : 1384
ThreadCreationTime : 5-9-2007 10:04:19 PM
BasePriority : Normal


#:16 [aoltsmon.exe]
FilePath : C:\Program Files\Common Files\AOL\TopSpeed\2.0\
ProcessID : 1396
ThreadCreationTime : 5-9-2007 10:04:19 PM
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
ProductName : AOL TopSpeed™ Monitor
CompanyName : America Online, Inc
FileDescription : AOL TopSpeed™ Monitor
InternalName : AOL TopSpeed™ Monitor
LegalCopyright : Copyright © 2004 America Online, Inc.
OriginalFilename : aoltsmon.exe

#:17 [mcvsrte.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ProcessID : 1456
ThreadCreationTime : 5-9-2007 10:04:19 PM
BasePriority : Normal
FileVersion : 8, 0, 0, 12
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan Real-time Engine
InternalName : mcvsrte
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsrte.exe
Comments : McAfee VirusScan Real-time Engine

#:18 [aoltpspd.exe]
FilePath : C:\Program Files\Common Files\AOL\TopSpeed\2.0\
ProcessID : 1480
ThreadCreationTime : 5-9-2007 10:04:19 PM
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
ProductName : AOL TopSpeed™
CompanyName : America Online Inc
FileDescription : AOL TopSpeed™
InternalName : AOL TopSpeed™ Loader
LegalCopyright : Copyright © 2003-2004
LegalTrademarks : AOL TopSpeed™
OriginalFilename : aoltpspd.exe

#:19 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1684
ThreadCreationTime : 5-9-2007 10:04:21 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:20 [tcpsvcs.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1868
ThreadCreationTime : 5-9-2007 10:04:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : TCPSVCS.EXE

#:21 [snmp.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1912
ThreadCreationTime : 5-9-2007 10:04:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.3038 (xpsp_sp2_gdr.061119-2303)
ProductVersion : 5.1.2600.3038
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : SNMP Service
InternalName : snmp.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : snmp.exe

#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1952
ThreadCreationTime : 5-9-2007 10:04:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:23 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1996
ThreadCreationTime : 5-9-2007 10:04:23 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:24 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 436
ThreadCreationTime : 5-9-2007 10:04:27 PM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:25 [wkufind.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ProcessID : 616
ThreadCreationTime : 5-9-2007 10:04:28 PM
BasePriority : Normal
FileVersion : 6.00.3215.0
ProductVersion : 6.00.3215.0
ProductName : Microsoft® Works 6.0
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Update Detection
InternalName : WkUFind
LegalCopyright : Copyright © Microsoft Corporation 1987-2001. All rights reserved.
OriginalFilename : WkUFind.exe

#:26 [dlbkbmgr.exe]
FilePath : C:\Program Files\Dell AIO Printer A920\
ProcessID : 948
ThreadCreationTime : 5-9-2007 10:04:29 PM
BasePriority : Normal
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
ProductName : Button Manager Executable
CompanyName : Dell Computer Corporation
FileDescription : Dell AIO Printer A920Button Manager
InternalName : dlbkbmgr.exe
OriginalFilename : dlbkbmgr.exe

#:27 [mcvsshld.exe]
FilePath : C:\PROGRA~1\mcafee.com\vso\
ProcessID : 996
ThreadCreationTime : 5-9-2007 10:04:29 PM
BasePriority : Normal
FileVersion : 8, 0, 0, 15
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan ActiveShield Resource
InternalName : msvcshld
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsshld.exe
Comments : McAfee VirusScan ActiveShield Resource

#:28 [dvdlauncher.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 1092
ThreadCreationTime : 5-9-2007 10:04:29 PM
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:29 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 1104
ThreadCreationTime : 5-9-2007 10:04:29 PM
BasePriority : Normal
FileVersion : 1.04.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:30 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 1248
ThreadCreationTime : 5-9-2007 10:04:30 PM
BasePriority : Normal
FileVersion : 3, 10, 100, 1155
ProductVersion : 3, 10
ProductName : InstallShield Update Service
CompanyName : InstallShield Software Corporation
FileDescription : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright © 1990-2004 InstallShield Software Corporation
OriginalFilename : issch.exe

#:31 [aolsoftware.exe]
FilePath : C:\Program Files\Common Files\AOL\1128475720\ee\
ProcessID : 1412
ThreadCreationTime : 5-9-2007 10:04:30 PM
BasePriority : Normal
FileVersion : 1.5.6.1
ProductVersion : 1.5.6.1
ProductName : AOL Service Libraries
CompanyName : America Online, Inc.
FileDescription : AOL
InternalName : AOLSoftware
LegalCopyright : © 2006 America Online, Inc.
OriginalFilename : AOLSoftware.exe

#:32 [dlbkbmon.exe]
FilePath : C:\Program Files\Dell AIO Printer A920\
ProcessID : 1432
ThreadCreationTime : 5-9-2007 10:04:30 PM
BasePriority : Normal
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
ProductName : Button Monitor Executable
CompanyName : Dell Computer Corporation
FileDescription : Dell AIO Printer A920Button Monitor
InternalName : dlbkbmon.exe
OriginalFilename : dlbkbmon.exe

#:33 [mcvsescn.exe]
FilePath : c:\progra~1\mcafee.com\vso\
ProcessID : 1588
ThreadCreationTime : 5-9-2007 10:04:30 PM
BasePriority : Normal
FileVersion : 8, 0, 0, 30
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan E-mail Scan Module
InternalName : mcvsescn
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsescn.EXE
Comments : McAfee VirusScan E-mail Scan Module

#:34 [motivesb.exe]
FilePath : C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\
ProcessID : 1612
ThreadCreationTime : 5-9-2007 10:04:30 PM
BasePriority : Normal
FileVersion : 5.6.11.asst_classic.smartbridge.0
ProductVersion : 5.6.11.asst_classic.smartbridge
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : Motive SmartBridge
InternalName : version
LegalCopyright : Copyright 1998-2003
OriginalFilename : version

#:35 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1768
ThreadCreationTime : 5-9-2007 10:04:32 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:36 [superantispyware.exe]
FilePath : C:\Program Files\SUPERAntiSpyware\
ProcessID : 1800
ThreadCreationTime : 5-9-2007 10:04:34 PM
BasePriority : Normal
FileVersion : 3, 7, 0, 1018
ProductVersion : 3, 7, 0, 1018
ProductName : SUPERAntiSpyware
CompanyName : SUPERAntiSpyware.com
FileDescription : SUPERAntiSpyware
InternalName : SUPERAntiSpyware
LegalCopyright : Copyright © 2005-2007 by SUPERAntiSpyware.com and SUPERAdBlocker.com
OriginalFilename : SUPERAntiSpyware.exe

#:37 [mcshield.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ProcessID : 2264
ThreadCreationTime : 5-9-2007 10:04:45 PM
BasePriority : High


#:38 [wkcalrem.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ProcessID : 2292
ThreadCreationTime : 5-9-2007 10:04:45 PM
BasePriority : Normal
FileVersion : 6.00.1911.0
ProductVersion : 6.00.1911.0
ProductName : Microsoft® Works 6.0
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Calendar Reminder Service
InternalName : WkCalRem
LegalCopyright : Copyright © Microsoft Corporation 1987-2000. All rights reserved.
OriginalFilename : WKCALREM.EXE

#:39 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2568
ThreadCreationTime : 5-9-2007 10:04:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:40 [mcagent.exe]
FilePath : c:\program files\mcafee.com\agent\
ProcessID : 2688
ThreadCreationTime : 5-9-2007 10:04:53 PM
BasePriority : Normal
FileVersion : 4, 3, 0, 10
ProductVersion : 4, 3, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 1998-2002 Networks Associates Technology, Inc.
OriginalFilename : mcagent.exe

#:41 [mpbtn.exe]
FilePath : C:\Program Files\Verizon Online\Support Center\bin\
ProcessID : 3060
ThreadCreationTime : 5-9-2007 10:05:06 PM
BasePriority : Normal


#:42 [aolsp scheduler.exe]
FilePath : c:\program files\common files\aol\1128475720\ee\services\antiSpywareApp\ver2_0_32_1\
ProcessID : 3676
ThreadCreationTime : 5-9-2007 10:06:11 PM
BasePriority : Normal


#:43 [aolsoftware.exe]
FilePath : c:\program files\common files\aol\1128475720\ee\
ProcessID : 3684
ThreadCreationTime : 5-9-2007 10:06:12 PM
BasePriority : Normal
FileVersion : 1.5.6.1
ProductVersion : 1.5.6.1
ProductName : AOL Service Libraries
CompanyName : America Online, Inc.
FileDescription : AOL
InternalName : AOLSoftware
LegalCopyright : © 2006 America Online, Inc.
OriginalFilename : AOLSoftware.exe

#:44 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3104
ThreadCreationTime : 5-9-2007 10:38:01 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:45 [iexplore.exe]
FilePath : C:\Program Files\internet explorer\
ProcessID : 2216
ThreadCreationTime : 5-9-2007 10:45:23 PM
BasePriority : Normal
FileVersion : 7.00.6000.16441 (vista_gdr.070219-1500)
ProductVersion : 7.00.6000.16441
ProductName : Windows® Internet Explorer
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 40


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Virtumonde Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1644491937-1757981266-682003330-1006\software\microsoft\windows\currentversion\ext\stats\{d2692ee8-4795-44f4-a8ff-8fac5d4fe947}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 41


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 41


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stacy_wisniewski@msnportal.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:stacy wisniewski@msnportal.112.2o7.net/
Expires : 5-7-2012 6:08:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stacy_wisniewski@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:stacy wisniewski@2o7.net/
Expires : 5-7-2012 7:11:12 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 43


Virtumonde Object Recognized!
Type : File
Data : cbxuvst.dll.vir
TAC Rating : 10
Category : Malware
Comment :
Object : C:\QooBox\Quarantine\C\WINDOWS\system32\



Adware.Yazzle Object Recognized!
Type : File
Data : A0000005.exe
TAC Rating : 7
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP1\



Adware.Yazzle Object Recognized!
Type : File
Data : A0000193.exe
TAC Rating : 7
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\



Adware.Yazzle Object Recognized!
Type : File
Data : A0004231.exe
TAC Rating : 7
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP2\



Virtumonde Object Recognized!
Type : File
Data : A0004357.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Virtumonde Object Recognized!
Type : File
Data : A0004358.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Virtumonde Object Recognized!
Type : File
Data : A0004359.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Virtumonde Object Recognized!
Type : File
Data : A0004360.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Virtumonde Object Recognized!
Type : File
Data : A0004361.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Virtumonde Object Recognized!
Type : File
Data : A0004362.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Virtumonde Object Recognized!
Type : File
Data : A0004363.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Virtumonde Object Recognized!
Type : File
Data : A0004364.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Adware.Yazzle Object Recognized!
Type : File
Data : A0004366.exe
TAC Rating : 7
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP3\



Adware.Yazzle Object Recognized!
Type : File
Data : A0006620.exe
TAC Rating : 7
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{F9030085-AF7C-4DF5-B520-AF85501EE74E}\RP4\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 57


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 57




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.Yazzle Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo

Adware.Yazzle Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo
Value : DisplayName

Adware.Yazzle Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo
Value : UninstallString

Adware.Yazzle Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo
Value : HelpLink

Adware.Yazzle Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo
Value : InstallLocation

Adware.Yazzle Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo
Value : NoModify

Adware.Yazzle Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo
Value : NoRepair

Adware.Yazzle Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\outerinfo
Value : DisplayVersion

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 8
Objects found so far: 65

7:48:17 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:29:10.766
Objects scanned:220125
Objects identified:25
Objects ignored:0
New critical objects:25

#15 I_Hate_Viruses

I_Hate_Viruses
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 09 May 2007 - 07:50 PM

I just ran the scan again and I think it got rid of that Adware.Yazzle thing....hopefully




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users