Hi km2357
I managed to uninstall all of the programs that you told me to and run ComboFix so here is the log that it produced. Thank you so much again for your time and help, it's much appreciated!
ComboFix 09-11-24.04 - Dave 25/11/2009 12:12.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.191.6 [GMT 0:00]
Running from: d:\documents and settings\Dave\Desktop\raverdave.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-4156357671-1225664236-4064586095-1003
c:\windows\system32\drivers\ESQULhylqbbqoeparwwiyouirwvyqmqsnsdtx.sys
c:\windows\system32\ESQULbrkrjdnkitlsdjkksgpefmnmfdgbxeib.dll
c:\windows\system32\ESQULudoltfmqjvipxjwunjxxhbowprccaiqp.dll
c:\windows\system32\ESQULzcounter
c:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
d:\documents and settings\Dave\Local Settings\Application Data\DoubleD
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\_tm16.tmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\_tm32.tmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ExtractZipFile.zip
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\stbup.exe
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\248d6576afce4ee94af42d7350131106.gif
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\24a70fb875fab686b6b3c217612bc07c.gif
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\default1.dat
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.dat
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.gif
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Cursor.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Glitter.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Recipe.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Ringtone.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Screensaver.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\tbcore.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Recipe.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Ringtone.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Screensaver.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnOption.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf
d:\documents and settings\Dave\Local Settings\Temporary Internet Files\stb06759.tmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Cache\248d6576afce4ee94af42d7350131106.gif
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Cache\24a70fb875fab686b6b3c217612bc07c.gif
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Cache\default1.dat
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Cache\loading.dat
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Cache\loading.gif
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Cursor.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_DailyVideo.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Game.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Glitter.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Logo.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Option.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Recipe.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Ringtone.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Screensaver.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Search.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Smiley.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Smiley_Config.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Smiley_Config.mx.new
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Smiley_TellAFriend.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Wallpaper.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_Web.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_WebDropdown_01.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_WebDropdown_02.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_WebDropdown_03.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_WebDropdown_04.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_WebDropdown_05.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_WebDropdown_06.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\Module_WebDropdown_07.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\pixel.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\ProductInfo.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\profile.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\SearchEngineList.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\tbcore.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\ToolbarLayout.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\UpdateCentre.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\UpdateCentreBk.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\URLDynamic.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Data\URLStatic.mx
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\About.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Component_ComboBox.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Cursor.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Cursor.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_DailyVideo.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Game.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Glitter.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Glitter.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Logo.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Option.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Recipe.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Ringtone.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Screensaver.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Search.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Smiley.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Smiley.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Wallpaper.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_Web.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_01.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_01.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_02.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_02.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_03.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_03.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_04.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_04.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_05.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_05.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_06.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_06.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_07.mg
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\Module_WebDropdown_07.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnDefault.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnDisplay.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnDisplay.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnDisplay18.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnDisplay20.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnGlitters.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnGlitters.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnGlitters18.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnGlitters20.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnOption.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnSmiley.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnSmiley.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnSmiley18.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnSmiley20.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnTellFd.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnTellFd.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnTellFd18.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnTellFd20.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnWink.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnWink.png
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnWink18.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Icons\TBBtnWink20.bmp
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Skins\myskin1.skf
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Skins\myskin2.skf
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Skins\myskin3.skf
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Skins\myskin4.skf
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Skins\TellafriendSkin.skf
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Skins\TellafriendSkin_s.skf
d:\documents and settings\Internet\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.1.3.20290\Skins\ToastSkin.skf
d:\documents and settings\Internet\Local Settings\Temporary Internet Files\_tm1.tmp
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_ESQULserv.sys
-------\Legacy_ESQULserv.sys
((((((((((((((((((((((((( Files Created from 2009-10-25 to 2009-11-25 )))))))))))))))))))))))))))))))
.
2009-11-24 23:32 . 2009-11-24 23:33 -------- d-----w- C:\rsit
2009-11-17 15:23 . 2009-11-17 15:23 -------- d-----w- c:\program files\Trend Micro
2009-11-17 15:07 . 2009-11-17 15:07 -------- d-----w- d:\documents and settings\Dave\Local Settings\Application Data\AVG Security Toolbar
2009-11-14 22:56 . 2009-11-14 22:56 -------- d-----w- d:\documents and settings\Dave\Local Settings\Application Data\Unity
2009-11-12 14:14 . 2009-11-12 14:14 -------- d-----w- C:\b2ef70b41efbc5cf5198b6
2009-11-11 13:38 . 2009-11-11 13:38 -------- d-sh--w- d:\documents and settings\Dave\PrivacIE
2009-11-07 13:19 . 2009-11-07 13:19 -------- d-----w- d:\documents and settings\Internet\Application Data\OD2
2009-11-07 11:44 . 2009-11-07 11:44 -------- d-----w- d:\documents and settings\Georgia\Local Settings\Application Data\Mozilla
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-24 00:08 . 2009-04-05 16:01 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-24 00:03 . 2009-04-05 16:01 -------- d-----w- d:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-11 13:41 . 2009-09-02 09:54 -------- d-----w- c:\program files\Opera
2009-10-19 15:06 . 2009-07-08 14:07 -------- d-----w- d:\documents and settings\Dave\Application Data\BitTorrent
2009-10-08 14:45 . 2009-07-08 14:26 5 ----a-w- c:\windows\system32\SySCut.dat
2009-09-02 09:05 . 2009-04-05 16:15 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-02 09:05 . 2009-04-05 16:15 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-02 09:05 . 2009-04-05 16:15 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 15:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"Ulead AutoDetector v2"="c:\program files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-03 2028312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-06-20 77824]
"SiSPower"="SiSPower.dll" - c:\windows\system32\SiSPower.dll [2005-01-04 49152]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
d:\documents and settings\All Users\Start Menu\Programs\Startup\
Utility Tray.lnk - c:\windows\system32\sistray.exe [2005-12-11 331776]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-02 09:05 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [05/04/2009 16:15 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [05/04/2009 16:15 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [05/04/2009 16:15 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05/04/2009 16:15 297752]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29/04/2009 09:27 721904]
.
Contents of the 'Scheduled Tasks' folder
2009-04-05 c:\windows\Tasks\Registration reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-08-10 14:00]
.
.
------- Supplementary Scan -------
.
IE: &Search -
http://edits.mywebsearch.com/toolbaredi ... p=ZUfox000IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} -
http://www.sky.comFF - ProfilePath - d:\documents and settings\Dave\Application Data\Mozilla\Firefox\Profiles\dmwq6200.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.live.com/results.aspx?FORM=IEFM1&q=FF - prefs.js: browser.startup.homepage -
hxxp://www.google.co.uk/FF - prefs.js: keyword.URL -
hxxp://uk.yhs.search.yahoo.com/avg/sear ... -web_uk&p=FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: d:\documents and settings\Dave\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe
AddRemove-RealJukebox 1.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-11-25 12:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-11-25 12:33
ComboFix-quarantined-files.txt 2009-11-25 12:33
Pre-Run: 15,961,739,264 bytes free
Post-Run: 15,943,933,952 bytes free
- - End Of File - - 81E8193E9F1557C20331F14D530A64DC