Two Plus Two Publishing LLC Two Plus Two Publishing LLC
 
2+2 Shortcuts
Hand Converter 2+2 Store 2+2 Magazine 2+2 Blogs 2+2 Pokercast
Non–US players
GET FIVE 2+2 books FREE! see our poker bonus
2+2 Forums
Expand   Collapse
Two Plus Two Best of 2+2 2+2 Magazine Forum 2+2 Bonus Program 2+2 Pokercast 2+2 Videos Marketplace Commercial Marketplace Classified Listings About the Forums
General Poker Beginners Questions Poker Goals & Challenges Books and Publications Poker Theory News, Views, and Gossip Poker Headlines Televised Poker Brick and Mortar Mortar and Brick Home Poker Poker Legislation Fight for Poker Rights (PPA) That's What She Said Beats, Brags, and Variance
Videos Poker Video Directory CardRunners.com DragTheBar.com iPokerVIP.com LeggoPoker.com PokerStrategy.com
Coaching/ Training Coaching Advice Cash Games Poker Coaches Tournament / SNG Poker Coaches CardRunners PokerStrategy.com
Sponsored Support RPM Poker Lock Poker Carbon Poker Draft Day High Pulse Poker iPokerVIP
Limit Hold'em High Stakes Limit Medium Stakes Limit Small Stakes Limit Micro Stakes Limit Mid-High Short-handed Small Stakes Shorthanded Limit––>NL Heads Up Limit
No Limit Hold'em High Stakes NL Medium Stakes NL Small Stakes NL Micro Stakes NL Medium-High Full Ring Small Full Ring Micro Full Ring Heads Up NL Live Low-stakes NL
Tournament Poker STT Strategy Heads Up SNG High Stakes MTT Midstakes MTT Small Stakes MTT MTTSNG MTT Community MTTc - Live Tournament Results
Other Poker High Stakes PLO Small Stakes PLO Omaha/8 Stud Draw and Other Poker
General Gambling Backgammon Probability Psychology Sports Betting Other Gambling Games Entertainment Betting
Internet Poker Internet Poker Internet Bonuses Affiliates/RakeBack Software
2+2 Communities Other Other Topics The Lounge EDF Las Vegas Lifestyle BBV4Life Musicians
Sports & Games Sporting Events Wrestling Golf Pool, Snooker, and Billiards Chess Video Games Puzzles and Other Games
Other Topics Politics Business, Finance, and Investing Travel Science, Math, and Philosophy History Religion, God, and Theology Health and Fitness Student Life Laughs or Links! Computer Technical Help Programming
International Deutsch Français Español 2+2.ру
Other Links
Two Plus Two Poker Books Authors Book Translations Abbreviations Feedback Advertising Info Privacy Notice Terms and Conditions
Forum Archives

Go Back   Two Plus Two Poker Forums > Other Topics > Computer Technical Help
Reload this Page Start menu disappearing
Register FAQ Search Today's Posts Mark Forums Read Video Directory TwoPlusTwo.com

Notices

Computer Technical Help Post your questions about computer hardware and software and configuring same here.

Reply
Page 1 of 3 1 23
 
Thread Tools Display Modes
Old 10-10-2008, 06:41 PM   #1
adept
 
Micky08's Avatar
 
Join Date: Apr 2008
Location: $48 HU's Cake
Posts: 1,002
Start menu disappearing
Hi, I'm having problems with my start menu and I'm 90%+ sure it's some sort of a virus I got from a cracked program. It keeps appearing and then disappearing and when I try to open Mozilla firefox it instantly close and I get a message that it has crashed ( it has only done this since the start bar has started to eff up)

Here is the logfile from HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:52 PM, on 10/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\system32\CrazyTalk.dll,DllServeMediaFil e
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [lphcvumj0e3ar] C:\WINDOWS\system32\lphcvumj0e3ar.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mikogo] "C:\Program Files\Mikogo\Mikogo.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1019\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'postgres')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Microgaming\Poker\PokerTimeMPP\MPPoker.exe (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe (file missing)
O9 - Extra button: Crazy Poker - {8A8A3162-B5FA-4c54-A862-4E62CBE8A255} - C:\Program Files\crazyvegasMPP\MPPoker.exe (file missing)
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Program Files\Gnuf\Casino\casinogame.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: Vegas Villa Online Casino - {AB692429-F6D7-4b49-A981-A077A58ED9D0} - C:\Program Files\vegasvilla\casinogame.exe (file missing)
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: FreshDownload - {B9BDD838-91D1-4E31-A1D1-062DD5B289C3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) - https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/W...gPublisher.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.222.135 62.24.222.134
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: farrandly - {8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c} - C:\WINDOWS\system32\tczij.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 16177 bytes

Thanks in advance
Micky08 is offline   Reply With Quote
Old 10-11-2008, 01:53 AM   #2
grinder
 
Entropic's Avatar
 
Join Date: Sep 2005
Posts: 407
Re: Start menu disappearing
Have you tried starting firefox in safe mode? Start -> Programs -> Mozilla Firefox -> Mozilla Firefox (Safe Mode).

Mozilla also has a good page about possible causes of firefox crashing
http://support.mozilla.com/en-US/kb/Firefox+crashes

Your computer is probably infected with malware.

1. Download Avast, update to the latest definitions and run a boot time scan.

2. Download Ad-Aware. After Avast is finished scanning and Windows loads update Ad-Aware and run a full scan.

Make sure you have a bootable XP CD on hand too, if a vital windows system file is infected you can delete it during the boot-time scan (it gives you the option not to as well) and render your system inoperable. I recommend deleting/moving to chest all infected files, if a vital component is gone do a repair install from the XP CD (you keep all your data, it just rewrites the OS files).
Entropic is offline   Reply With Quote
Old 10-11-2008, 03:04 AM   #3
grinder
 
Join Date: Jul 2007
Posts: 557
Re: Start menu disappearing
Hi, lets run a quick malware check and check some critical spots on your harddrive with hijackthis and see what may be going on. To start:

1) Download MBAM
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

2) Run Hijackthis again.
Don't fix anything yet.
Run a scan and then click save log. Make sure this is a fresh log after you have used MBAM.

Copy&Paste the entire MBAM report in your next reply along with your fresh HijackThis log and we'll get started.
im_not_1337 is offline   Reply With Quote
Old 10-11-2008, 07:51 AM   #4
adept
 
Micky08's Avatar
 
Join Date: Apr 2008
Location: $48 HU's Cake
Posts: 1,002
Re: Start menu disappearing
Malwarebytes' Anti-Malware 1.28
Database version: 1253
Windows 5.1.2600 Service Pack 2

10/11/2008 12:41:36 PM
mbam-log-2008-10-11 (12-41-36).txt

Scan type: Quick Scan
Objects scanned: 154960
Time elapsed: 1 hour(s), 17 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 87
Registry Values Infected: 3
Registry Data Items Infected: 4
Folders Infected: 45
Files Infected: 458

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\ljJBtuSj.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{72cf9425-a413-4da8-82d2-a8759d9093b7} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljji (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72cf9425-a413-4da8-82d2-a8759d9093b7} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{78896b19-f11b-4bab-8e73-64e1741a1b27} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqrqrsj (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{78896b19-f11b-4bab-8e73-64e1741a1b27} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{a706dd72-1c7e-49bb-83f4-fc2c20367b02} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggdbbb (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a706dd72-1c7e-49bb-83f4-fc2c20367b02} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{c2139010-819c-4a51-a6bd-82863b221c53} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{c2139010-819c-4a51-a6bd-82863b221c53} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dlp.dlpobj (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dlp.dlpobj.1 (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b1e22eb8-2ae8-4e8e-96ae-74f2a1764533} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{401f4b6b-3c36-4e8d-bc07-f46fc6d67d9a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1daefcb9-06c8-47c6-8f20-3fb54b244daa} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{401f4b6b-3c36-4e8d-bc07-f46fc6d67d9a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{1daefcb9-06c8-47c6-8f20-3fb54b244daa} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\DLP.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winnqk32 (Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\IE AntiVirus (Rogue.IEAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoe gg.com/publisher,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoe gg.com/updater,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Evidence Eliminator Safe Recycle (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Quick Mode (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Safe Restart (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Safe Shutdown (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Eeshellx.ShellExt (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandle rs\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_FOPF (Rogue.AVSystemShield) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\AntiVirus (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\IExplorer Security Plug-in (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Explorer Secure Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Messenger Service (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CLASSES_ROOT\AppID\ (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\lphcvumj0e3ar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjbtusj -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjbtusj -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\UGA6P (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\UGA6P\Quar (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Antiviruspcsuite (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Program Files\Antiviruspcsuite\Dat (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Program Files\VSAdd-in (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael\Application Data\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael\Application Data\SystemDoctor 2006 Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\me ssages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\me ssages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\mljji.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqrqrSj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hggdbbb.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljJBtuSj.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jSutBJjl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jSutBJjl.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\VideoEgg\Loader\2663\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGxUnlM.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkICrRI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yayaXQki.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\.tt11.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\Rar$EX00.141\crack.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\Rar$EX01.172\crack.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temporary Internet Files\Content.IE5\MMIBHDGR\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\018B468D.u rr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Antiviruspcsuite\Dat\sr.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704\settings.ini (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704\setup.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704\setup.len (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator Help.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator License Agreement.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator Read Me.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\avtasks.dat (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\PGE.dat (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs\av.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs\ga6Support.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs\update.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\bebo_tv_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\bebo_tv_watermark_1.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorder_slide copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_btn_highlighted copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\skin.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\skin.zip (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\videoegg-large.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\videoegg-small.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\videoegg.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
Micky08 is offline   Reply With Quote
Old 10-11-2008, 07:51 AM   #5
adept
 
Micky08's Avatar
 
Join Date: Apr 2008
Location: $48 HU's Cake
Posts: 1,002
Re: Start menu disappearing
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\me ssages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\2663\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\2663\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\4458\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\4458\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\me ssages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\2663\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\2663\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winnqk32.dll (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcvumj0e3ar.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Start Menu\Programs\IE AntiVirus 3.3.lnk (Rogue.IEAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\.tt53.tmp.vbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\.tt81.tmp.vbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\.ttE.tmp.vbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win44BD.tmp.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win44C2.tmp.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win44C5.tmp.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
Micky08 is offline   Reply With Quote
Old 10-11-2008, 07:53 AM   #6
adept
 
Micky08's Avatar
 
Join Date: Apr 2008
Location: $48 HU's Cake
Posts: 1,002
Re: Start menu disappearing
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:22 PM, on 10/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\Program Files\Lexmark 7300 Series\lxcimon.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\lxcicoms.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kontiki\KHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mikogo\Mikogo.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - C:\Program Files\iVideoCodec\isaddon.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\system32\CrazyTalk.dll,DllServeMediaFil e
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mikogo] "C:\Program Files\Mikogo\Mikogo.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1019\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'postgres')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Microgaming\Poker\PokerTimeMPP\MPPoker.exe (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe (file missing)
O9 - Extra button: Crazy Poker - {8A8A3162-B5FA-4c54-A862-4E62CBE8A255} - C:\Program Files\crazyvegasMPP\MPPoker.exe (file missing)
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Program Files\Gnuf\Casino\casinogame.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: Vegas Villa Online Casino - {AB692429-F6D7-4b49-A981-A077A58ED9D0} - C:\Program Files\vegasvilla\casinogame.exe (file missing)
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: FreshDownload - {B9BDD838-91D1-4E31-A1D1-062DD5B289C3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) - https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.222.135 62.24.222.134
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: farrandly - {8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c} - C:\WINDOWS\system32\tczij.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 18406 bytes

That's one big logfile...

I think the problem may be fixed already because it hasn't happened since but I'l post the logfiles here just in case.
Micky08 is offline   Reply With Quote
Old 10-11-2008, 12:51 PM   #7
grinder
 
Join Date: Jul 2007
Posts: 557
Re: Start menu disappearing
Wow you may have set a record for malware with that one. Although your main problem may be fixed, there is likely still some cleaning to do to make sure you are malware free. Lets make sure we got everything before moving on.

1) Download and run ATF-Cleaner.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

2) Update MBAM to the latest definitions using the update tab
Now run a full system scan. Remove everything it finds, reboot if necessary.

3) Please run Kaspersky Online Scanner for a second opinion. Update and run a full system scan. Save the report it generates.

We will fix your hijackthis entries and take further necessary steps later.
For now please reply with:
1) Your full MBAM log
2) The full Kaspersky report
3) A fresh hijackthis log
im_not_1337 is offline   Reply With Quote
Old 10-11-2008, 04:34 PM   #8
Pooh-Bah
 
funkyworms's Avatar
 
Join Date: Jun 2004
Location: computer helpin'
Posts: 4,230
Re: Start menu disappearing
Good lord. 1337 is doing a good job as always

This is malware, but the MBAM full scan, ATF, or kaspersky should find it. If not, it can be manually removed.

Quote:
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe
These are bad too.

Quote:
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
This is kind of weird too. Any reason you have all of these domains pointing to a google IP address?

Quote:
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
funkyworms is offline   Reply With Quote
Old 10-11-2008, 06:16 PM   #9
adept
 
Micky08's Avatar
 
Join Date: Apr 2008
Location: $48 HU's Cake
Posts: 1,002
Re: Start menu disappearing
Quote:
Originally Posted by funkyworms View Post
This is kind of weird too. Any reason you have all of these domains pointing to a google IP address?
Not sure?? Is it a problem?
Micky08 is offline   Reply With Quote
Old 10-11-2008, 07:15 PM   #10
grinder
 
Join Date: Jul 2007
Posts: 557
Re: Start menu disappearing
It can't be good but its hard to understand why they would redirect to google. We'll go through your hjt log and fix those entries and others as soon as we get your pc cleaned up a little bit more. Follow those instructions i posted and we'll continue.
im_not_1337 is offline   Reply With Quote
Old 10-11-2008, 08:40 PM   #11
grinder
 
Entropic's Avatar
 
Join Date: Sep 2005
Posts: 407
Re: Start menu disappearing
Sounds like someone was trying to deter going to poker sites or adult directories.
Entropic is offline   Reply With Quote
Old 10-12-2008, 08:33 AM   #12
old hand
 
thunderbolts's Avatar
 
Join Date: Aug 2008
Posts: 1,635
Re: Start menu disappearing
Quote:
Originally Posted by im_not_1337 View Post
Wow you may have set a record for malware with that one.
This.

I won't interrupt, but that's one heck of an MBAM log! Good luck fixing everything, OP.
thunderbolts is offline   Reply With Quote
Old 10-12-2008, 11:38 AM   #13
adept
 
Micky08's Avatar
 
Join Date: Apr 2008
Location: $48 HU's Cake
Posts: 1,002
Re: Start menu disappearing
Malwarebytes' Anti-Malware 1.28
Database version: 1259
Windows 5.1.2600 Service Pack 2

10/12/2008 1:21:56 AM
mbam-log-2008-10-12 (01-21-56).txt

Scan type: Full Scan (C:\|)
Objects scanned: 283713
Time elapsed: 2 hour(s), 27 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Michael 2\Desktop\New Folder\CDPoker2.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP583\A0280047.dll (Trojan.Vundo) -> Quarantined and deleted successfully.


Sunday, October 12, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, October 12, 2008 09:13:49
Records in database: 1306802
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
A:\
C:\
D:\
E:\
G:\
Scan statistics
Files scanned 229085
Threat name 24
Infected objects 27
Suspicious objects 1
Duration of the scan 04:26:34

File name Threat name Threats count
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\6.0\43\65cc22eb-2228427f Infected: Trojan-Downloader.Java.OpenStream.ac 1
C:\Documents and Settings\Michael 2\Local Settings\Temp\Lonely cat games LCG Jukebox 2.12.rar Infected: Trojan-Downloader.Win32.Injecter.asa 1
C:\Documents and Settings\Michael 2\Local Settings\Temp\Lonely cat games LCG Jukebox 2.12.rar Infected: Trojan.Win32.Inject.idx 1
C:\Documents and Settings\Michael 2\My Documents\LimeWire\Saved\cold desert kings of leon 192kb.mp3 Infected: Trojan-Downloader.WMA.GetCodec.f 1
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Sun\Java\Deployment\cache\6.0\45\2bbf6c6d-23539ed3 Infected: Trojan-Downloader.Java.OpenStream.ac 1
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Sun\Java\Deployment\cache\6.0\55\265b8ef7-21890d4a Infected: Exploit.Java.Gimsh.a 1
C:\Documents and Settings\Stephen.ELARA-035110920\Incomplete\T-5745425-g unit - you so tough.mp3 Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:RiskTool.Win32.PsKill.an 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.d 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.SanitarDiska.u 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a 3
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.bp 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.cg 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.ap 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.c 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.am 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.k 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\EKCRBK94\wbk13.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\GS02XGTO\WIN%209,0,115,0i[1].htm Infected: Exploit.SWF.Downloader.c 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\MWD17X5Z\WIN%209,0,115,0swf[1].htm Infected: Exploit.SWF.Downloader.c 1
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\iupdatepage[1].htm Infected: not-virus:Hoax.JS.Agent.a 1
C:\Program Files\AdVantage\AdVantage.exe Infected: not-a-virus:AdTool.Win32.WhenU.s 1
C:\Program Files\AdVantage\TR.dll Infected: not-a-virus:AdTool.Win32.WhenU.r 1
C:\Program Files\DAEMON Tools SearchBar\Search.exe Infected: not-a-virus:AdTool.Win32.WhenU.c 1
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1006\Dc107\ActualSpy.exe Infected: not-a-virus:Monitor.Win32.ActualSpy.ar 1
The selected area was scanned.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:33:48 PM, on 10/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\lxcicoms.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\Program Files\Lexmark 7300 Series\lxcimon.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Kontiki\KHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PokerTracker 3\PokerTracker.exe
C:\Program Files\PokerTracker 3\PokerTracker.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - C:\Program Files\iVideoCodec\isaddon.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\system32\CrazyTalk.dll,DllServeMediaFil e
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [DNA] "C:\Program Files\BitTorrent_DNA\dna.exe" (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [Poker Time Messenger] "C:\Program Files\Poker Time Messenger\Poker Time Messenger.exe" -r (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.1.181.0\Weather.exe" -auto (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [antispy] C:\Program Files\IEAntiVirus\ANTIVIR.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1019\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'postgres')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Microgaming\Poker\PokerTimeMPP\MPPoker.exe (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe (file missing)
O9 - Extra button: Crazy Poker - {8A8A3162-B5FA-4c54-A862-4E62CBE8A255} - C:\Program Files\crazyvegasMPP\MPPoker.exe (file missing)
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Program Files\Gnuf\Casino\casinogame.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: Vegas Villa Online Casino - {AB692429-F6D7-4b49-A981-A077A58ED9D0} - C:\Program Files\vegasvilla\casinogame.exe (file missing)
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FreshDownload - {B9BDD838-91D1-4E31-A1D1-062DD5B289C3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) - https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.218.50 62.24.218.51
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: farrandly - {8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c} - C:\WINDOWS\system32\tczij.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 20455 bytes


Starting to look a little better I guess..
Micky08 is offline   Reply With Quote
Old 10-12-2008, 02:51 PM   #14
grinder
 
Join Date: Jul 2007
Posts: 557
Re: Start menu disappearing
Did you clear your temp with atf-cleaner like i suggested in my last post? It appears you did not, or did not do in the order i posted as you still have loads of detections in temp folders as well as your recycle bin...Please follow all of these steps carefully and in order if you want this to work...Also Please make sure you are doing all of this under the *ADMINISTRATOR* account. If you are not the admin, please get them to login for you. This is very important.

1) Run ATF-Cleaner.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

2) Download CCleaner. Run no other applications while you are running CCLeaner. Put a check next to all items you are comfortable with (ideally the most possible) and click "run cleaner". Run the scanner a few times

3) Using control panel, try and uninstall these programs (if they are still listed):
Quote:
IEAntiVirus
AdVantage
Daemon Tools SearchBar
Next, locate and delete the following files and folders(if they are still there). Please make sure you have show hidden files and folders enabled:
Quote:
C:\Program Files\IEAntiVirus
C:\Documents and Settings\Michael 2\My Documents\LimeWire\Saved\cold desert kings of leon 192kb.mp3
C:\Documents and Settings\Stephen.ELARA-035110920\Incomplete\T-5745425-g unit - you so tough.mp3
C:\Program Files\AdVantage
C:\Program Files\DAEMON Tools SearchBar
4) Download SuperAntiSpyware. Update it and run a full system scan. Save the log it generates.

5) Open HijackThis, run a scan, and place a Check next to the following item(s)(if they still exist):
Quote:
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - C:\Program Files\iVideoCodec\isaddon.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [antispy] C:\Program Files\IEAntiVirus\ANTIVIR.exe (User 'Stephen')
O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Microgaming\Poker\PokerTimeMPP\MPPoker.exe (file missing)
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe (file missing)
O9 - Extra button: Crazy Poker - {8A8A3162-B5FA-4c54-A862-4E62CBE8A255} - C:\Program Files\crazyvegasMPP\MPPoker.exe (file missing)
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Program Files\Gnuf\Casino\casinogame.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: Vegas Villa Online Casino - {AB692429-F6D7-4b49-A981-A077A58ED9D0} - C:\Program Files\vegasvilla\casinogame.exe (file missing)
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra button: FreshDownload - {B9BDD838-91D1-4E31-A1D1-062DD5B289C3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.218.50 62.24.218.51
O22 - SharedTaskScheduler: farrandly - {8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c} - C:\WINDOWS\system32\tczij.dll (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe
Then close all open windows/browsers and Click on Fix Checked. Reboot your PC.

6) Update and enable your avg software. If you are unable to do this or want to switch,(which i think would be a good idea) i suggest completely uninstalling avg through control panel and downloading Avira free. Then update avira and do a full system scan.

7) Run DiskCleanup. This will help clean your temp some more as well as clean your infected system restore points.
Go to start, programs, accessories, system tools and click on Disk Cleanup. When prompted, select files for all users on this computer. Next select your hard drive. Click on the more options tab and select cleanup your system restore points. Next, confirm that you want to delete all previous system restore points. Go back to the disk cleanup tab and select all that you are comfortable with but make sure to include your temporary files, recycle bin, and any temporary internet files. Next click ok, and confirm you want to delete the files

8) FYI, you have a ton of things installed and running at startup that you don't need. This is probably slowing your computer down a ton. You can install and use Windows defender to manage these and i suggest you do. Especially the entries like ares and bittorrent, why do you need those to automatically startup? They are probably slowing your computer down a ton.

9) Run hijackthis once more, save the fresh log.

We will deal with this later after you follow the previous 8 steps:
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe


Please follow my instructions very carefully and in order. Then reply with:
1) Your progress
2) Your updated full system scan with SAS
2) Your updated full system scan with Avira free
3) A fresh hijackthis log
im_not_1337 is offline   Reply With Quote
Old 10-12-2008, 06:07 PM   #15
adept
 
Micky08's Avatar
 
Join Date: Apr 2008
Location: $48 HU's Cake
Posts: 1,002
Re: Start menu disappearing
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/12/2008 at 10:05 PM

Application Version : 4.21.1004

Core Rules Database Version : 3595
Trace Rules Database Version: 1582

Scan type : Complete Scan
Total Scan Time : 00:52:41

Memory items scanned : 564
Memory threats detected : 0
Registry items scanned : 7331
Registry threats detected : 154
File items scanned : 30642
File threats detected : 38

Malware.Safety Bar
HKLM\Software\Classes\CLSID\{052b12f7-86fa-4921-8482-26c42316b522}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\Implemented Categories
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\InprocServer32
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\SAFETY BAR\SAFETYBAR.DLL
C:\Program Files\Safety Bar\Uninstall.bat
C:\Program Files\Safety Bar

Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{11853d5f-f894-4cc7-bbc3-fc7a9dcfd896}
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}\InProcServer32
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\OKKMTV.DLL
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}

Trojan.Media-Codec
HKLM\Software\Classes\CLSID\{1a29a79a-b9c8-44a9-bedf-7fadde3cf33f}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\Implemented Categories
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\InprocServer32
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\IVIDEOCODEC\IESPLUGIN.DLL
HKLM\Software\Classes\CLSID\{274c0420-ebe0-4f1d-b473-edd1aa9b85dd}
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}\InprocServer32
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\IVIDEOCODEC\ISADDON.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{274c0420-ebe0-4f1d-b473-edd1aa9b85dd}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Explorer Security Plugin 2006
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Explorer Security Plugin 2006#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Explorer Security Plugin 2006#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Security Add-On
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\explorer\run#isamonitor.exe [ C:\Program Files\iVideoCodec\isamonitor.exe ]

Trojan.Smitfraud Variant
HKLM\Software\Classes\CLSID\{8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c}
HKCR\CLSID\{8AA7A4D2-73C7-4FCA-BEF7-7923E38A3B1C}
HKCR\CLSID\{8AA7A4D2-73C7-4FCA-BEF7-7923E38A3B1C}\InProcServer32
HKCR\CLSID\{8AA7A4D2-73C7-4FCA-BEF7-7923E38A3B1C}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\TCZIJ.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\SharedTaskScheduler#{8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c}

Browser Hijacker.BestSafetyGuide
HKLM\Software\Classes\CLSID\{a43385f0-7113-496d-96d7-b9b550e3fcca}
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}\InprocServer32
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\IXT0.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{a43385f0-7113-496d-96d7-b9b550e3fcca}

Trojan.Media-Codec/V3
HKLM\Software\Classes\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}#xxx
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}\InprocServer32
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESPLG.DLL
HKLM\Software\Classes\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\Implemented Categories
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\InprocServer32
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESBPL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{DF4E7A0C-E233-4906-B4C1-A404356541FF}

Adware.WhenU
C:\Program Files\Common Files\WhenU\DTAdapter.exe
C:\Program Files\Common Files\WhenU\DTPlugin.dll
C:\Program Files\Common Files\WhenU
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1017\DC5\SEARCH.EXE

Malware.Notifier
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\explorer\run#issearch.exe [ issearch.exe ]

Malware.VirusBurst
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\aTFltdjdrOyI
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\AutoConvertTo
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\dtmimalregpo
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\Insertable
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\mtksaymewr
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\pBeDhcke
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\ProgID
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\TMftgvaHVtahm
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\TreatAs
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\yuqbptcai
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\0
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\0\win32
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\FLAGS
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\HELPDIR
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\ProxyStubClsid
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\ProxyStubClsid32
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\TypeLib
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\TypeLib#Version
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\ProxyStubClsid
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\ProxyStubClsid32
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\TypeLib
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\TypeLib#Version
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\ProxyStubClsid
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\ProxyStubClsid32
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\TypeLib
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\TypeLib#Version
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\ProxyStubClsid
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\ProxyStubClsid32
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\TypeLib
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\TypeLib#Version
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\ProxyStubClsid
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\ProxyStubClsid32
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\TypeLib
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\TypeLib#Version
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\ProxyStubClsid
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\ProxyStubClsid32
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\TypeLib
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\TypeLib#Version
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\ProxyStubClsid
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\ProxyStubClsid32
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\TypeLib
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\TypeLib#Version
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\ProxyStubClsid
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\ProxyStubClsid32
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\TypeLib
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\TypeLib#Version
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\ProxyStubClsid
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\ProxyStubClsid32
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\TypeLib
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\TypeLib#Version
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\ProxyStubClsid
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\ProxyStubClsid32
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\TypeLib
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\TypeLib#Version
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\ProxyStubClsid
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\ProxyStubClsid32
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\TypeLib
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\TypeLib#Version
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\ProxyStubClsid
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\ProxyStubClsid32
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\TypeLib
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\TypeLib#Version
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\ProxyStubClsid
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\ProxyStubClsid32
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\TypeLib
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\TypeLib#Version
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\ProxyStubClsid
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\ProxyStubClsid32
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\TypeLib
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\TypeLib#Version
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\ProxyStubClsid
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\ProxyStubClsid32
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\TypeLib
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\TypeLib#Version
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\ProxyStubClsid
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\ProxyStubClsid32
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\TypeLib
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\TypeLib#Version
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\explorer\run#pmsngr.exe [ C:\Program Files\iVideoCodec\pmsngr.exe ]

Adware.Casino Games (Golden Palace Casino)
C:\PROGRAM FILES\TITAN POKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TITAN POKER.LNK
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TITAN POKER.LNK
C:\POKER\MANSIONPOKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\MANSIONPOKER.LNK
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\NEW FOLDER\CASINO TYCOON\CASINO.EXE
C:\POKER\NOIQ POKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\NOIQ.LNK
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\POKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\POKER\TITAN POKER.LNK
C:\DOCUMENTS AND SETTINGS\STEPHEN.ELARA-035110920\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TITAN POKER.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP584\A0283241.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP584\A0283242.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP584\A0283269.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286398.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286426.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286428.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286457.LNK

Browser Hijacker.Favorites
C:\DOCUMENTS AND SETTINGS\USER\FAVORITES\ANTIVIRUS TEST ONLINE.URL

Adware.MyWebSearch-Installer
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1008\DC95.EXE
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1008\DC97.EXE

Adware.Vundo Variant/Rel
C:\WINDOWS\SYSTEM32\IJJLM.BAK1
C:\WINDOWS\SYSTEM32\IJJLM.INI

Trojan.Unknown Origin
C:\WINDOWS\SYSTEM32\OT.ICO
Micky08 is offline   Reply With Quote

Reply
Page 1 of 3 1 23
      

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT -4. The time now is 03:45 PM.
Contact Us - Two Plus Two Publishing LLC - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.6.0 ©2011, Crawlability, Inc.
Copyright © 2008-2010, Two Plus Two Interactive