Here is the log.
ComboFix 09-09-25.01 - owner 09/27/2009 13:08.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.565 [GMT -4:00]
Running from: c:\documents and settings\owner\Desktop\Combo-Fix.exe
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
c:\documents and settings\owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
c:\documents and settings\owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
c:\documents and settings\owner\Local Settings\Temporary Internet Files\ISOSetup.exe
c:\documents and settings\owner\Local Settings\Temporary Internet Files\stb06759.tmp
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\2.2.0.2880\adwpx.exe
c:\program files\Internet Saving Optimizer\2.2.0.2880\Data\config.md
c:\program files\Internet Saving Optimizer\2.2.0.2880\NPCommon.dll
c:\program files\Internet Saving Optimizer\2.2.0.2880\NPIEAddOn.dll
c:\program files\Internet Saving Optimizer\2.2.0.2880\unins000.dat
c:\program files\Internet Saving Optimizer\2.2.0.2880\unins000.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPIEaddon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.3.0.790\Data\config.md
c:\program files\Media Access Startup\1.3.0.790\FF\chrome.manifest
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.3.0.790\FF\install.rdf
c:\program files\Media Access Startup\1.3.0.790\HPCommon.dll
c:\program files\Media Access Startup\1.3.0.790\HPIEAddOn.dll
c:\program files\Media Access Startup\1.3.0.790\hppx.exe
c:\program files\Media Access Startup\1.3.0.790\MAHelper.exe
c:\program files\Media Access Startup\1.3.0.790\unins000.dat
c:\program files\Media Access Startup\1.3.0.790\unins000.exe
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\HPCommon.dll
c:\program files\Media Access Startup\1.5.0.850\hppx.exe
c:\program files\Media Access Startup\1.5.0.850\MAHelper.exe
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
c:\program files\System Search Dispatcher\1.2.0.750\ssd.dll
c:\recycler\S-1-5-21-101775000-1921279437-1250746718-500
c:\recycler\S-1-5-21-2479869782-2774869949-588352338-500
c:\recycler\S-1-5-21-408668197-359428221-1528176614-500
c:\recycler\S-1-5-21-515967899-1177238915-725345543-500
c:\windows\Installer\WinRMSrv.msi
c:\windows\system32\drivers\ESQULetyabumpbpifxmpfmuiqaordqjntjagk.sys
c:\windows\system32\ESQULrrswruacqvdyibodynmlfdtdgooeoqtw.dll
c:\windows\system32\ESQULyvtqowuptmovtyuqrkkufqjuypefqftl.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_ESQULserv.sys
-------\Legacy_ESQULserv.sys
-------\Service_ESQULserv.sys
((((((((((((((((((((((((( Files Created from 2009-08-27 to 2009-09-27 )))))))))))))))))))))))))))))))
.
2009-09-25 12:44 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-24 19:02 . 2009-09-24 19:02 -------- d-----w- c:\program files\ooVoo
2009-09-24 18:59 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-09-24 18:49 . 2009-09-24 18:50 15 ----a-w- c:\documents and settings\owner\settings.dat
2009-09-24 18:47 . 2009-09-24 18:47 -------- d-----w- c:\documents and settings\owner\Local Settings\Application Data\WinZip
2009-09-24 18:47 . 2009-09-24 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-09-21 22:00 . 2009-09-21 22:00 -------- d-----w- c:\documents and settings\owner\Application Data\ooVoo Details
2009-09-21 21:47 . 2009-09-21 21:47 -------- d-----w- c:\windows\CtDrvInstall
2009-09-21 21:47 . 2004-07-29 17:14 91577 ----a-w- c:\windows\system32\drivers\P0620Vid.sys
2009-09-21 21:47 . 2004-07-13 05:01 20480 ----a-w- c:\windows\P0620Cfg.exe
2009-09-21 21:47 . 2004-07-13 05:01 126976 ----a-w- c:\windows\system32\P0620Vfw.dll
2009-09-21 21:47 . 2004-04-06 05:00 40960 ----a-w- c:\windows\system32\P0620Hwx.dll
2009-09-21 21:47 . 2004-03-23 05:00 32768 ----a-w- c:\windows\system32\P0620Pin.dll
2009-09-21 21:47 . 2004-03-22 06:09 81920 ----a-w- c:\windows\CtDrvIns.exe
2009-09-21 21:47 . 2004-03-08 05:00 20480 ----a-w- c:\windows\system32\P0620Srv.exe
2009-09-21 21:47 . 2004-01-18 22:03 69632 ----a-w- c:\windows\system32\p0620sti.dll
2009-09-21 21:47 . 2003-10-03 05:05 65536 ----a-w- c:\windows\system32\CtCamMgr.dll
2009-09-21 21:47 . 2009-09-21 21:47 -------- d-----w- C:\WCamInst
2009-09-11 02:22 . 2009-09-11 02:22 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-11 02:05 . 2009-09-11 02:05 -------- d-----w- c:\program files\iPod
2009-09-11 02:05 . 2009-09-11 02:06 -------- d-----w- c:\program files\iTunes
2009-09-11 02:05 . 2009-09-11 02:06 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-10 23:12 . 2009-09-10 23:12 -------- d-----w- c:\documents and settings\owner\Application Data\dvdcss
2009-09-05 22:56 . 2009-09-05 22:56 411368 ----a-w- c:\windows\system32\deploytk.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-27 16:27 . 2005-11-16 22:24 -------- d-----w- c:\program files\Java
2009-09-24 19:02 . 2005-11-16 18:29 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-21 22:54 . 2009-03-10 16:47 -------- d-----w- c:\program files\Trend Micro
2009-09-20 20:24 . 2009-05-28 22:33 -------- d-----w- c:\documents and settings\owner\Application Data\U3
2009-09-13 21:50 . 2009-03-11 03:03 -------- d-----w- c:\documents and settings\owner\Application Data\Apple Computer
2009-09-11 02:20 . 2009-03-17 18:36 -------- d-----w- c:\program files\Safari
2009-09-11 02:05 . 2009-03-11 03:00 -------- d-----w- c:\program files\Common Files\Apple
2009-09-11 02:03 . 2009-03-11 03:01 -------- d-----w- c:\program files\QuickTime
2009-09-05 18:06 . 2005-11-19 03:02 -------- d-----w- c:\program files\Google
2009-08-28 23:42 . 2009-03-17 18:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-28 23:42 . 2009-03-11 03:01 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-25 20:57 . 2009-07-19 20:39 -------- d-----w- c:\program files\PeerGuardian2
2009-08-14 16:04 . 2009-03-29 01:23 -------- d-----w- c:\program files\AIM6
2009-08-14 16:03 . 2009-03-11 19:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-08-12 18:46 . 2009-08-12 18:46 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-10 03:24 . 2009-03-19 02:02 30308 ---ha-w- c:\windows\system32\mlfcache.dat
2009-08-08 16:09 . 2005-11-16 23:31 36472 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-08 02:37 . 2009-08-08 02:37 -------- d-----w- c:\program files\MSBuild
2009-08-08 02:37 . 2009-08-08 02:37 -------- d-----w- c:\program files\Reference Assemblies
2009-08-05 09:01 . 2005-11-16 02:06 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-02 22:48 . 2009-05-02 03:48 -------- d-----w- c:\documents and settings\owner\Application Data\Canon
2009-07-17 19:01 . 2005-11-16 02:06 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 03:43 . 2005-11-16 02:07 286208 ----a-w- c:\windows\system32\wmpdxm.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="c:\program files\AIM6\aim6.exe" [2009-05-19 49968]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-09-04 6856704]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"oovoo.exe"="c:\program files\ooVoo\oovoo.exe" [2009-09-02 17385144]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 139264]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-23 339968]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]
"ExecAfterFirstBoot"="c:\windows\SONYSYS\EFlyer\ExecAfterFirstBoot.exe" [2005-03-16 204800]
"VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-12 151552]
"HostManager"="c:\program files\Common Files\AOL\1236704552\ee\AOLSoftware.exe" [2008-11-06 41264]
"PartSeal"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-04-01 995528]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"OPSE reminder"="c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [2003-07-07 729088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-09 305440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-05 149280]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-10-08 88363]
c:\documents and settings\owner\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Extender Resource Monitor.lnk - c:\windows\ehome\RMSysTry.exe [2005-10-20 18432]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2003-4-9 598150]
KODAK Software Updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2002-3-13 16384]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-6-19 525640]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1236704552\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.5\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\1236704552\\ee\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iPhone Tunnel Suite 2.7 BETA\\iTunnel\\iTunnel.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience
"443:TCP"= 443:TCP:ooVoo TCP port 443
"443:UDP"= 443:UDP:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:ooVoo UDP port 37675
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [3/10/2009 10:52 PM 50192]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [8/14/2008 10:23 AM 36368]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/28/2009 9:29 PM 24652]
S2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [3/10/2009 10:53 PM 677128]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
Contents of the 'Scheduled Tasks' folder
2009-09-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2009-09-27 c:\windows\Tasks\User_Feed_Synchronization-{FBC52612-5327-4383-BDFB-F1BE46185D57}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 23:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.theprizeday.com/today.php
uInternet Settings,ProxyOverride = localhost;*.local
IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
FF - ProfilePath - c:\documents and settings\owner\Application Data\Mozilla\Firefox\Profiles\nlbgqkgd.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox ... S:official
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-27 13:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(4512)
c:\windows\system32\WININET.dll
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Bonjour\mdnsNSP.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\AOL\acs\AOLacsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
c:\windows\ehome\RMSvc.exe
c:\program files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
c:\program files\Sony\Sony TV Tuner Library\SMceMan.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\AIM6\aolsoftware.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\McrdSvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\program files\Trend Micro\Internet Security\SfCtlCom.exe
c:\program files\Sony\Sony TV Tuner Library\RM_SV.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\msiexec.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Microsoft Office\OFFICE11\EXCEL.EXE
c:\program files\Trend Micro\BM\TMBMSRV.exe
c:\windows\system32\notepad.exe
.
**************************************************************************
.
Completion time: 2009-09-27 13:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-27 17:44
Pre-Run: 105,893,715,968 bytes free
Post-Run: 111,793,213,440 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
570 --- E O F --- 2009-09-27 16:23