Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PSGUARD.msmsgs


  • Please log in to reply

#1
KittyKaat

KittyKaat

    Member

  • Member
  • PipPip
  • 15 posts
i am not very good with computers but i followed another post that seemed to have the same problems and this is the rapport.txt file that i got from it.. im not honestly sure if i did it right cause im really not good with this stuff! the virus was effecting my msn..


mitFraudFix v2.31


Scan done at 20:55:42.37, Sun 04/27/2008
Run from H:\Documents and Settings\KAT!\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\WgaTray.exe
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\tsnp2std.exe
H:\WINDOWS\vsnp2std.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Windows Live\installer\WLSetupSvc.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\iTunes\iTunes.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
H:\WINDOWS\system32\msiexec.exe
H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
H:\PROGRA~1\AVG\AVG8\avgam.exe
H:\PROGRA~1\AVG\AVG8\avgrsx.exe
H:\PROGRA~1\AVG\AVG8\avgemc.exe
H:\PROGRA~1\AVG\AVG8\avgfws8.exe
H:\Program Files\AVG\AVG8\avgtray.exe
H:\PROGRA~1\Mozilla Firefox\firefox.exe
H:\Program Files\AVG\AVG8\avgui.exe
H:\PROGRA~1\AVG\AVG8\avgnsx.exe
H:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» H:\


»»»»»»»»»»»»»»»»»»»»»»»» H:\WINDOWS

H:\WINDOWS\sites.ini FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» H:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» H:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» H:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» H:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» H:\Documents and Settings\KAT!


»»»»»»»»»»»»»»»»»»»»»»»» H:\Documents and Settings\KAT!\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» H:\DOCUME~1\KAT!\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» H:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="H:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller - Packet Scheduler Miniport
DNS Server Search Order: 10.0.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{732865C3-5A25-4608-A408-3E589A280CC7}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{732865C3-5A25-4608-A408-3E589A280CC7}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{732865C3-5A25-4608-A408-3E589A280CC7}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS3\Services\Tcpip\..\{732865C3-5A25-4608-A408-3E589A280CC7}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello KittyKaat

Welcome to G2Go. :)
=====================
* Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Doubleclick on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\Hijack This.
  • Click on I agree
  • Then Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

  • 0

#3
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:52:54 PM, on 4/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
H:\PROGRA~1\AVG\AVG8\avgfws8.exe
H:\WINDOWS\System32\svchost.exe
H:\PROGRA~1\AVG\AVG8\avgam.exe
H:\PROGRA~1\AVG\AVG8\avgrsx.exe
H:\PROGRA~1\AVG\AVG8\avgnsx.exe
H:\PROGRA~1\AVG\AVG8\avgemc.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\system32\WgaTray.exe
H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
H:\WINDOWS\tsnp2std.exe
H:\WINDOWS\vsnp2std.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\PROGRA~1\AVG\AVG8\avgtray.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\PROGRA~1\Mozilla Firefox\firefox.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe, msmsgs.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - H:\Program Files\BitComet\tools\BitCometBHO_1.1.12.26.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {81A35F39-4850-474E-92C9-B4CF283207E0} - C:\WINDOWS\system32\mstask64.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - H:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: System Process - {C2EEB4FA-B6D6-41b9-9CFA-ABA87F862BCB} - H:\WINDOWS\system32\navshext1.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - H:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tsnp2std] H:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] H:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] H:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [notepad.exe] msmsgs.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://H:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://H:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://H:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://H:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?17875dabced1454d94488d9d566c4d9a
O8 - Extra context menu item: Open in new foreground tab - res://H:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?17875dabced1454d94488d9d566c4d9a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://H:\Program Files\BitComet\tools\BitCometBHO_1.1.12.26.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: H:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by117fd.bay11...es/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zon...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe

--
End of file - 7278 bytes


Theres the logfile.. Thank you so much for explaining it easily cause ive tried before but its all mumbo-jumbo! haha.
  • 0

#4
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
i notice one other thing.. i dont know if this is anything to do with anything.. but my ipod wont connect up with my computer either. it charges but it doesnt sync..
  • 0

#5
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Let's get you clean and we will try to fix that issue afterwards. :)
=================================================
Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

  • 0

#6
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
SDFix: Version 1.176
Run by KAT! on Mon 04/28/2008 at 07:45 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: H:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :






is the right? did i do it okay?
  • 0

#7
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:35:32 PM, on 4/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
H:\PROGRA~1\AVG\AVG8\avgfws8.exe
H:\WINDOWS\System32\svchost.exe
H:\PROGRA~1\AVG\AVG8\avgam.exe
H:\PROGRA~1\AVG\AVG8\avgrsx.exe
H:\PROGRA~1\AVG\AVG8\avgnsx.exe
H:\WINDOWS\system32\ctfmon.exe
H:\PROGRA~1\AVG\AVG8\avgemc.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\WgaTray.exe
H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
H:\WINDOWS\tsnp2std.exe
H:\WINDOWS\vsnp2std.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\PROGRA~1\AVG\AVG8\avgtray.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\iPod\bin\iPodService.exe
H:\PROGRA~1\Mozilla Firefox\firefox.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - H:\Program Files\BitComet\tools\BitCometBHO_1.1.12.26.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {81A35F39-4850-474E-92C9-B4CF283207E0} - C:\WINDOWS\system32\mstask64.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - H:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: System Process - {C2EEB4FA-B6D6-41b9-9CFA-ABA87F862BCB} - H:\WINDOWS\system32\navshext1.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - H:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tsnp2std] H:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] H:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] H:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &D&ownload &with BitComet - res://H:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://H:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://H:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://H:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?17875dabced1454d94488d9d566c4d9a
O8 - Extra context menu item: Open in new foreground tab - res://H:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?17875dabced1454d94488d9d566c4d9a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://H:\Program Files\BitComet\tools\BitCometBHO_1.1.12.26.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: H:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by117fd.bay11...es/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zon...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe

--
End of file - 7196 bytes

did u want a hijack this thingy aswell?
there it isss! :)
  • 0

#8
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please re-open Hijackthis and click on "Do a system scan only"
Then place a check mark next to these entries below:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {81A35F39-4850-474E-92C9-B4CF283207E0} - C:\WINDOWS\system32\mstask64.dll (file missing)
O2 - BHO: System Process - {C2EEB4FA-B6D6-41b9-9CFA-ABA87F862BCB} - H:\WINDOWS\system32\navshext1.dll (file missing)



Now click on Fix Checked and then close Hijackthis.
===================================
Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
====================================
Please go HERE to run Panda's TotalScan
  • Select the bubble for Full scan
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • Then the scan will begin
  • When the scan completes, click the Save button on the right of Scan details
  • Save it to a convenient location. Post the contents of the TotalScan report

  • 0

#9
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-04-30 20:58:19
PROTECTIONS: 0
MALWARE: 62
SUSPECTS: 1
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00020900 spyware/apropos Spyware No 1 Yes No HKEY_CLASSES_ROOT\TypeLib\{33579379-FF5A-4103-B634-63E8A78F4260}
00027660 adware/savenow Adware No 0 Yes No hkey_local_machine\software\classes\wusn.1
00027660 adware/savenow Adware No 0 Yes No hkey_classes_root\wusn.1
00040735 adware/whenusearch Adware No 0 Yes No h:\program files\common files\whenu
00046186 W32/Alcan.A.worm Virus/Worm No 0 Yes No L:\My Music\liam new\My Music\New Folder (2)\A Perfect Circle - Emotive.zip[Setup.exe]
00047309 adware/navhelper Adware No 0 Yes No h:\program files\navexcel
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.atdmt.com/]
00139535 Application/Processor HackTools No 0 Yes No H:\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No H:\WINDOWS\system32\Process.exe
00139535 Application/Processor HackTools No 0 Yes No H:\RECYCLER\S-1-5-21-1644491937-1078081533-839522115-1007\Dh3\Process.exe
00139535 Application/Processor HackTools No 0 Yes No H:\Documents and Settings\KAT!\SmitfraudFix\Process.exe
00139535 Application/Processor HackTools No 0 No No H:\RECYCLER\S-1-5-21-1644491937-1078081533-839522115-1007\Dh32.exe[SDFix\apps\Process.exe]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.tradedoubler.com/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.fastclick.net/]
00145881 Cookie/NewMedia TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.anm.co.uk/]
00152401 Cookie/Belnk TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00158557 Adware/NavHelper Adware No 0 Yes No H:\System Volume Information\_restore{D0723529-1C65-471C-8302-93FFD94D18AE}\RP828\A0404472.dll
00162730 Cookie/Belnk TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Cookies\kat!@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.xiti.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00167749 Cookie/Toplist TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Cookies\kat!@toplist[2].txt
00167783 Cookie/Sextracker TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[ad.yieldmanager.com/]
00168058 Cookie/Sextracker TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.apmebf.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Cookies\kat!@serving-sys[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.bs.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Cookies\kat!@bs.serving-sys[1].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][3].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[www.burstbeacon.com/]
00168101 Cookie/Falkag TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.adtech.de/]
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advertising.com/]
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][3].txt
00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Cookies\kat!@ads.pointroll[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.ads.pointroll.com/]
00172483 Cookie/888 TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00172484 Cookie/Cassava TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.bluestreak.com/]
00173905 Cookie/Xmts TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.adrevolver.com/]
00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.bravenet.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00200583 adware/block-checker Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41b9-9CFA-ABA87F862BCB}
00200583 adware/block-checker Adware No 1 Yes No h:\windows\system32\ustart.exe
00216065 Cookie/Screensavers TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00234869 Cookie/FastClick TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00243250 Adware/IST.ISTBar Adware No 1 Yes No L:\My Music\liam new\My Music\New Folder (2)\a perfect circle\a perfect circle emotive.zip[setup.exe]
00251542 Cookie/Sextracker TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.atwola.com/]
00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Cookies\kat!@ads.addynamix[1].txt
00296582 Cookie/DriveCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00296583 Cookie/DriveCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00296584 Cookie/DriveCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00329272 Cookie/Systemdoctor TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
00351416 Cookie/Systemdoctor TrackingCookie No 0 Yes No H:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
00364849 Adware/SaveNow Adware No 0 Yes No H:\System Volume Information\_restore{D0723529-1C65-471C-8302-93FFD94D18AE}\RP828\A0404471.exe
00510393 Adware/Eztracks Adware No 0 Yes No H:\System Volume Information\_restore{D0723529-1C65-471C-8302-93FFD94D18AE}\RP828\A0404470.dll
00674771 Trj/Downloader.MDW Virus/Trojan No 1 Yes No H:\WINDOWS\system32\mstask64.dll
01017039 Generic Trojan Virus/Trojan No 0 Yes No H:\Program Files\EA GAMES\Command & Conquer Generals Zero Hour\ccgzh_103_shaikh.exe
01286417 Generic Backdoor Virus/Trojan No 0 Yes No H:\Documents and Settings\Administrator\Desktop\unl-nfsctrn.exe
01606636 Cookie/Adserver TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Cookies\kat!@adserver.easyad[2].txt
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No H:\RECYCLER\S-1-5-21-1644491937-1078081533-839522115-1007\Dh3\Reboot.exe
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No H:\Documents and Settings\KAT!\SmitfraudFix\Reboot.exe
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No H:\Documents and Settings\KAT!\Application Data\Mozilla\Firefox\Profiles\pg1ubjo0.default\cookies.txt[.advancedcleaner.com/]
;===============================================================================
=================================================================================
===================
SUSPECTS
Location
;===============================================================================
=================================================================================
===================
H:\PROGRAM FILES\LOGMEIN\RAMAINT.EXE
;===============================================================================
=================================================================================
===================
  • 0

#10
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    HKEY_CLASSES_ROOT\TypeLib\{33579379-FF5A-4103-B634-63E8A78F4260}
    hkey_local_machine\software\classes\wusn.1
    hkey_classes_root\wusn.1
    h:\program files\common files\whenu
    L:\My Music\liam new\My Music\New Folder (2)\A Perfect Circle - Emotive.zip
    h:\program files\navexcel
    H:\RECYCLER\S-1-5-21-1644491937-1078081533-839522115-1007\Dh3\Process.exe
    H:\Documents and Settings\KAT!\SmitfraudFix
    H:\RECYCLER\S-1-5-21-1644491937-1078081533-839522115-1007\Dh32.exe
    h:\windows\system32\ustart.exe
    H:\WINDOWS\system32\mstask64.dll
    H:\Program Files\EA GAMES\Command & Conquer Generals Zero Hour\ccgzh_103_shaikh.exe
    H:\Documents and Settings\Administrator\Desktop\unl-nfsctrn.exe
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • OTMoveit2 will create a log of moved files in the C:\_OTMoveIt\MovedFiles folder. The log's name will appear as the date and time it was created, with the format mmddyyyy_hhmmss.log. Open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
=======================
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
  • 0

Advertisements


#11
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
File/Folder ODE not found.
< HKEY_CLASSES_ROOT\TypeLib\{33579379-FF5A-4103-B634-63E8A78F4260} >
Registry key HKEY_CLASSES_ROOT\TypeLib\{33579379-FF5A-4103-B634-63E8A78F4260}\\ deleted successfully.
< hkey_local_machine\software\classes\wusn.1 >
Registry key hkey_local_machine\software\classes\wusn.1\\ deleted successfully.
< hkey_classes_root\wusn.1 >
Registry key hkey_classes_root\wusn.1\\ not found.
h:\program files\common files\whenu moved successfully.
L:\My Music\liam new\My Music\New Folder (2)\A Perfect Circle - Emotive.zip moved successfully.
h:\program files\navexcel\NavHelper\v2.0.4d moved successfully.
h:\program files\navexcel\NavHelper moved successfully.
h:\program files\navexcel moved successfully.
H:\RECYCLER\S-1-5-21-1644491937-1078081533-839522115-1007\Dh3\Process.exe moved successfully.
H:\Documents and Settings\KAT!\SmitfraudFix moved successfully.
H:\RECYCLER\S-1-5-21-1644491937-1078081533-839522115-1007\Dh32.exe moved successfully.
h:\windows\system32\ustart.exe moved successfully.
H:\WINDOWS\system32\mstask64.dll unregistered successfully.
H:\WINDOWS\system32\mstask64.dll moved successfully.
H:\Program Files\EA GAMES\Command & Conquer Generals Zero Hour\ccgzh_103_shaikh.exe moved successfully.
H:\Documents and Settings\Administrator\Desktop\unl-nfsctrn.exe moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05012008_094359
  • 0

#12
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok can you please install Mbam from the previous instructions and run it .
  • 0

#13
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
sorry i didnt see that!
thanks for helping btw.. appreciate it!
  • 0

#14
KittyKaat

KittyKaat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Malwarebytes' Anti-Malware 1.11
Database version: 704

Scan type: Quick Scan
Objects scanned: 60612
Time elapsed: 24 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 26
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 31
Files Infected: 566

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Updater,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
H:\Documents and Settings\Administrator\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Updater\2364 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Data\Resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Data\Resources\gid329 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Data\Resources\gid329\cid1124 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Updater\2364 (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\KAT!\Application Data\VideoEgg\Updater\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.

Files Infected:
H:\Program Files\VideoEgg\Loader\2364\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\dataCollection.tmp (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\bebo_tv_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\bebo_tv_watermark1.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\button_browse_upcopy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\camcorder_slide copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\mobile_btn_highlighted copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\refresh_list_over copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\skin.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\skin.ver~ (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\skin.zip (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_capture copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\stop_capture copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\TESTrestart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\TESTrestart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\uploading_fill copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and Settings\Administrator\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
H:\Documents and S
  • 0

#15
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
How are things running?

Also please post a new Hijackthis log.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP