Hi, I'm having problems with my start menu and I'm 90%+ sure it's some sort of a virus I got from a cracked program. It keeps appearing and then disappearing and when I try to open Mozilla firefox it instantly close and I get a message that it has crashed ( it has only done this since the start bar has started to eff up)

Here is the logfile from HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:52 PM, on 10/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll (file missing)
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\system32\CrazyTalk.dll,DllServeMediaFil e
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [lphcvumj0e3ar] C:\WINDOWS\system32\lphcvumj0e3ar.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mikogo] "C:\Program Files\Mikogo\Mikogo.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1019\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'postgres')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Microgaming\Poker\PokerTimeMPP\MPPoker.exe (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe (file missing)
O9 - Extra button: Crazy Poker - {8A8A3162-B5FA-4c54-A862-4E62CBE8A255} - C:\Program Files\crazyvegasMPP\MPPoker.exe (file missing)
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Program Files\Gnuf\Casino\casinogame.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: Vegas Villa Online Casino - {AB692429-F6D7-4b49-A981-A077A58ED9D0} - C:\Program Files\vegasvilla\casinogame.exe (file missing)
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: FreshDownload - {B9BDD838-91D1-4E31-A1D1-062DD5B289C3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) - https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/W...gPublisher.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.222.135 62.24.222.134
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: farrandly - {8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c} - C:\WINDOWS\system32\tczij.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 16177 bytes

Thanks in advance

Have you tried starting firefox in safe mode? Start -> Programs -> Mozilla Firefox -> Mozilla Firefox (Safe Mode).

Mozilla also has a good page about possible causes of firefox crashing
http://support.mozilla.com/en-US/kb/Firefox+crashes

Your computer is probably infected with malware.

1. Download Avast, update to the latest definitions and run a boot time scan.

2. Download Ad-Aware. After Avast is finished scanning and Windows loads update Ad-Aware and run a full scan.

Make sure you have a bootable XP CD on hand too, if a vital windows system file is infected you can delete it during the boot-time scan (it gives you the option not to as well) and render your system inoperable. I recommend deleting/moving to chest all infected files, if a vital component is gone do a repair install from the XP CD (you keep all your data, it just rewrites the OS files).

Hi, lets run a quick malware check and check some critical spots on your harddrive with hijackthis and see what may be going on. To start:

1) Download MBAM
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

2) Run Hijackthis again.
Don't fix anything yet.
Run a scan and then click save log. Make sure this is a fresh log after you have used MBAM.

Copy&Paste the entire MBAM report in your next reply along with your fresh HijackThis log and we'll get started.

Malwarebytes' Anti-Malware 1.28
Database version: 1253
Windows 5.1.2600 Service Pack 2

10/11/2008 12:41:36 PM
mbam-log-2008-10-11 (12-41-36).txt

Scan type: Quick Scan
Objects scanned: 154960
Time elapsed: 1 hour(s), 17 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 87
Registry Values Infected: 3
Registry Data Items Infected: 4
Folders Infected: 45
Files Infected: 458

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\ljJBtuSj.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{72cf9425-a413-4da8-82d2-a8759d9093b7} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljji (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72cf9425-a413-4da8-82d2-a8759d9093b7} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{78896b19-f11b-4bab-8e73-64e1741a1b27} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqrqrsj (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{78896b19-f11b-4bab-8e73-64e1741a1b27} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{a706dd72-1c7e-49bb-83f4-fc2c20367b02} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggdbbb (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a706dd72-1c7e-49bb-83f4-fc2c20367b02} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{c2139010-819c-4a51-a6bd-82863b221c53} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{c2139010-819c-4a51-a6bd-82863b221c53} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dlp.dlpobj (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dlp.dlpobj.1 (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b1e22eb8-2ae8-4e8e-96ae-74f2a1764533} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{401f4b6b-3c36-4e8d-bc07-f46fc6d67d9a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1daefcb9-06c8-47c6-8f20-3fb54b244daa} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{401f4b6b-3c36-4e8d-bc07-f46fc6d67d9a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{1daefcb9-06c8-47c6-8f20-3fb54b244daa} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\DLP.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winnqk32 (Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\IE AntiVirus (Rogue.IEAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoe gg.com/publisher,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoe gg.com/updater,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Evidence Eliminator Safe Recycle (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Quick Mode (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Safe Restart (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Evidence Eliminator Safe Shutdown (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Eeshellx.ShellExt (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandle rs\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_FOPF (Rogue.AVSystemShield) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\AntiVirus (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\IExplorer Security Plug-in (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Explorer Secure Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Messenger Service (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CLASSES_ROOT\AppID\ (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\lphcvumj0e3ar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjbtusj -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjbtusj -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\UGA6P (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\UGA6P\Quar (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Antiviruspcsuite (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Program Files\Antiviruspcsuite\Dat (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Program Files\VSAdd-in (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael\Application Data\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael\Application Data\SystemDoctor 2006 Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\me ssages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\me ssages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\mljji.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqrqrSj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hggdbbb.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljJBtuSj.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jSutBJjl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jSutBJjl.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\VideoEgg\Loader\2663\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGxUnlM.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkICrRI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yayaXQki.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\.tt11.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\Rar$EX00.141\crack.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\Rar$EX01.172\crack.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temporary Internet Files\Content.IE5\MMIBHDGR\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\018B468D.u rr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Antiviruspcsuite\Dat\sr.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704\settings.ini (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704\setup.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\NI.UGA6P_0001_N105M2704\setup.len (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator Help.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator License Agreement.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator Read Me.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Start Menu\Programs\Evidence Eliminator\Evidence Eliminator.lnk (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\avtasks.dat (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\PGE.dat (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs\av.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs\ga6Support.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Antiviruspcsuite\Logs\update.log (Rogue.Antiviruspcsuite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\bebo_tv_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\bebo_tv_watermark_1.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorder_slide copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_btn_highlighted copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\skin.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\skin.zip (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\videoegg-large.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\videoegg-small.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\videoegg.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Data\Resources\gid329\cid1124\bebo03 \images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\im ages\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\me ssages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\2663\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\2663\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\4458\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\VideoEgg\Updater\4458\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\im ages\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Publisher\3461\resources\VideoEgg\me ssages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\2663\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rosari\Application Data\VideoEgg\Updater\2663\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winnqk32.dll (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcvumj0e3ar.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Start Menu\Programs\IE AntiVirus 3.3.lnk (Rogue.IEAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\.tt53.tmp.vbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\.tt81.tmp.vbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michael 2\Local Settings\Temp\.ttE.tmp.vbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win44BD.tmp.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win44C2.tmp.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win44C5.tmp.exe (Heuristics.Malware) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:22 PM, on 10/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\Program Files\Lexmark 7300 Series\lxcimon.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\lxcicoms.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kontiki\KHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mikogo\Mikogo.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - C:\Program Files\iVideoCodec\isaddon.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\system32\CrazyTalk.dll,DllServeMediaFil e
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mikogo] "C:\Program Files\Mikogo\Mikogo.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1019\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'postgres')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Microgaming\Poker\PokerTimeMPP\MPPoker.exe (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe (file missing)
O9 - Extra button: Crazy Poker - {8A8A3162-B5FA-4c54-A862-4E62CBE8A255} - C:\Program Files\crazyvegasMPP\MPPoker.exe (file missing)
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Program Files\Gnuf\Casino\casinogame.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: Vegas Villa Online Casino - {AB692429-F6D7-4b49-A981-A077A58ED9D0} - C:\Program Files\vegasvilla\casinogame.exe (file missing)
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: FreshDownload - {B9BDD838-91D1-4E31-A1D1-062DD5B289C3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) - https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.222.135 62.24.222.134
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: farrandly - {8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c} - C:\WINDOWS\system32\tczij.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 18406 bytes

That's one big logfile...

I think the problem may be fixed already because it hasn't happened since but I'l post the logfiles here just in case.

Wow you may have set a record for malware with that one. Although your main problem may be fixed, there is likely still some cleaning to do to make sure you are malware free. Lets make sure we got everything before moving on.

1) Download and run ATF-Cleaner.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

2) Update MBAM to the latest definitions using the update tab
Now run a full system scan. Remove everything it finds, reboot if necessary.

3) Please run Kaspersky Online Scanner for a second opinion. Update and run a full system scan. Save the report it generates.

We will fix your hijackthis entries and take further necessary steps later.
For now please reply with:
1) Your full MBAM log
2) The full Kaspersky report
3) A fresh hijackthis log

Good lord. 1337 is doing a good job as always

This is malware, but the MBAM full scan, ATF, or kaspersky should find it. If not, it can be manually removed.

These are bad too.

This is kind of weird too. Any reason you have all of these domains pointing to a google IP address?

Not sure?? Is it a problem?

It can't be good but its hard to understand why they would redirect to google. We'll go through your hjt log and fix those entries and others as soon as we get your pc cleaned up a little bit more. Follow those instructions i posted and we'll continue.

Sounds like someone was trying to deter going to poker sites or adult directories.

This.

I won't interrupt, but that's one heck of an MBAM log! Good luck fixing everything, OP.

Malwarebytes' Anti-Malware 1.28
Database version: 1259
Windows 5.1.2600 Service Pack 2

10/12/2008 1:21:56 AM
mbam-log-2008-10-12 (01-21-56).txt

Scan type: Full Scan (C:\|)
Objects scanned: 283713
Time elapsed: 2 hour(s), 27 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Michael 2\Desktop\New Folder\CDPoker2.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP583\A0280047.dll (Trojan.Vundo) -> Quarantined and deleted successfully.


Sunday, October 12, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, October 12, 2008 09:13:49
Records in database: 1306802
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
A:\
C:\
D:\
E:\
G:\
Scan statistics
Files scanned 229085
Threat name 24
Infected objects 27
Suspicious objects 1
Duration of the scan 04:26:34

File name Threat name Threats count
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\6.0\43\65cc22eb-2228427f Infected: Trojan-Downloader.Java.OpenStream.ac 1
C:\Documents and Settings\Michael 2\Local Settings\Temp\Lonely cat games LCG Jukebox 2.12.rar Infected: Trojan-Downloader.Win32.Injecter.asa 1
C:\Documents and Settings\Michael 2\Local Settings\Temp\Lonely cat games LCG Jukebox 2.12.rar Infected: Trojan.Win32.Inject.idx 1
C:\Documents and Settings\Michael 2\My Documents\LimeWire\Saved\cold desert kings of leon 192kb.mp3 Infected: Trojan-Downloader.WMA.GetCodec.f 1
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Sun\Java\Deployment\cache\6.0\45\2bbf6c6d-23539ed3 Infected: Trojan-Downloader.Java.OpenStream.ac 1
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Sun\Java\Deployment\cache\6.0\55\265b8ef7-21890d4a Infected: Exploit.Java.Gimsh.a 1
C:\Documents and Settings\Stephen.ELARA-035110920\Incomplete\T-5745425-g unit - you so tough.mp3 Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:RiskTool.Win32.PsKill.an 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.d 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.SanitarDiska.u 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a 3
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.bp 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.cg 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.ap 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.c 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.am 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temp\~ga6psetup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.k 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\EKCRBK94\wbk13.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\GS02XGTO\WIN%209,0,115,0i[1].htm Infected: Exploit.SWF.Downloader.c 1
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\MWD17X5Z\WIN%209,0,115,0swf[1].htm Infected: Exploit.SWF.Downloader.c 1
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\iupdatepage[1].htm Infected: not-virus:Hoax.JS.Agent.a 1
C:\Program Files\AdVantage\AdVantage.exe Infected: not-a-virus:AdTool.Win32.WhenU.s 1
C:\Program Files\AdVantage\TR.dll Infected: not-a-virus:AdTool.Win32.WhenU.r 1
C:\Program Files\DAEMON Tools SearchBar\Search.exe Infected: not-a-virus:AdTool.Win32.WhenU.c 1
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1006\Dc107\ActualSpy.exe Infected: not-a-virus:Monitor.Win32.ActualSpy.ar 1
The selected area was scanned.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:33:48 PM, on 10/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\lxcicoms.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\Program Files\Lexmark 7300 Series\lxcimon.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Kontiki\KHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PokerTracker 3\PokerTracker.exe
C:\Program Files\PokerTracker 3\PokerTracker.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 - Hosts: 216.239.37.99 www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.www.fulltiltpoker.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.http://www.pokerstars.com/
O1 - Hosts: 216.239.37.99 www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.www.pokerstars.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.www.pokerplex.com
O1 - Hosts: 216.239.37.99 www.89.com
O1 - Hosts: 216.239.37.99 www.www.89.com
O1 - Hosts: 216.239.37.99 http://www.89.com/
O1 - Hosts: 216.239.37.99 www.http://www.89.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - C:\Program Files\iVideoCodec\isaddon.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll (file missing)
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\system32\CrazyTalk.dll,DllServeMediaFil e
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michael 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [issearch.exe] issearch.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\iVideoCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [pmsngr.exe] C:\Program Files\iVideoCodec\pmsngr.exe
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [DNA] "C:\Program Files\BitTorrent_DNA\dna.exe" (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [Poker Time Messenger] "C:\Program Files\Poker Time Messenger\Poker Time Messenger.exe" -r (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.1.181.0\Weather.exe" -auto (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [antispy] C:\Program Files\IEAntiVirus\ANTIVIR.exe (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1013\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'Stephen')
O4 - HKUS\S-1-5-21-2052111302-616249376-725345543-1019\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'postgres')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Microgaming\Poker\PokerTimeMPP\MPPoker.exe (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe (file missing)
O9 - Extra button: Crazy Poker - {8A8A3162-B5FA-4c54-A862-4E62CBE8A255} - C:\Program Files\crazyvegasMPP\MPPoker.exe (file missing)
O9 - Extra button: Gnuf Casino - {8FE9B27A-BDCD-4d27-A430-4DC0B58D01B0} - C:\Program Files\Gnuf\Casino\casinogame.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: Vegas Villa Online Casino - {AB692429-F6D7-4b49-A981-A077A58ED9D0} - C:\Program Files\vegasvilla\casinogame.exe (file missing)
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FreshDownload - {B9BDD838-91D1-4E31-A1D1-062DD5B289C3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Michael 2\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) - https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.218.50 62.24.218.51
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: farrandly - {8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c} - C:\WINDOWS\system32\tczij.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 20455 bytes


Starting to look a little better I guess..

Did you clear your temp with atf-cleaner like i suggested in my last post? It appears you did not, or did not do in the order i posted as you still have loads of detections in temp folders as well as your recycle bin...Please follow all of these steps carefully and in order if you want this to work...Also Please make sure you are doing all of this under the *ADMINISTRATOR* account. If you are not the admin, please get them to login for you. This is very important.

1) Run ATF-Cleaner.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

2) Download CCleaner. Run no other applications while you are running CCLeaner. Put a check next to all items you are comfortable with (ideally the most possible) and click "run cleaner". Run the scanner a few times

3) Using control panel, try and uninstall these programs (if they are still listed):
Next, locate and delete the following files and folders(if they are still there). Please make sure you have show hidden files and folders enabled:
4) Download SuperAntiSpyware. Update it and run a full system scan. Save the log it generates.

5) Open HijackThis, run a scan, and place a Check next to the following item(s)(if they still exist):
Then close all open windows/browsers and Click on Fix Checked. Reboot your PC.

6) Update and enable your avg software. If you are unable to do this or want to switch,(which i think would be a good idea) i suggest completely uninstalling avg through control panel and downloading Avira free. Then update avira and do a full system scan.

7) Run DiskCleanup. This will help clean your temp some more as well as clean your infected system restore points.
Go to start, programs, accessories, system tools and click on Disk Cleanup. When prompted, select files for all users on this computer. Next select your hard drive. Click on the more options tab and select cleanup your system restore points. Next, confirm that you want to delete all previous system restore points. Go back to the disk cleanup tab and select all that you are comfortable with but make sure to include your temporary files, recycle bin, and any temporary internet files. Next click ok, and confirm you want to delete the files

8) FYI, you have a ton of things installed and running at startup that you don't need. This is probably slowing your computer down a ton. You can install and use Windows defender to manage these and i suggest you do. Especially the entries like ares and bittorrent, why do you need those to automatically startup? They are probably slowing your computer down a ton.

9) Run hijackthis once more, save the fresh log.

We will deal with this later after you follow the previous 8 steps:
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe


Please follow my instructions very carefully and in order. Then reply with:
1) Your progress
2) Your updated full system scan with SAS
2) Your updated full system scan with Avira free
3) A fresh hijackthis log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/12/2008 at 10:05 PM

Application Version : 4.21.1004

Core Rules Database Version : 3595
Trace Rules Database Version: 1582

Scan type : Complete Scan
Total Scan Time : 00:52:41

Memory items scanned : 564
Memory threats detected : 0
Registry items scanned : 7331
Registry threats detected : 154
File items scanned : 30642
File threats detected : 38

Malware.Safety Bar
HKLM\Software\Classes\CLSID\{052b12f7-86fa-4921-8482-26c42316b522}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\Implemented Categories
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\InprocServer32
HKCR\CLSID\{052B12F7-86FA-4921-8482-26C42316B522}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\SAFETY BAR\SAFETYBAR.DLL
C:\Program Files\Safety Bar\Uninstall.bat
C:\Program Files\Safety Bar

Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{11853d5f-f894-4cc7-bbc3-fc7a9dcfd896}
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}\InProcServer32
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\OKKMTV.DLL
HKCR\CLSID\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896}

Trojan.Media-Codec
HKLM\Software\Classes\CLSID\{1a29a79a-b9c8-44a9-bedf-7fadde3cf33f}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\Implemented Categories
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\InprocServer32
HKCR\CLSID\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\IVIDEOCODEC\IESPLUGIN.DLL
HKLM\Software\Classes\CLSID\{274c0420-ebe0-4f1d-b473-edd1aa9b85dd}
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}\InprocServer32
HKCR\CLSID\{274C0420-EBE0-4F1D-B473-EDD1AA9B85DD}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\IVIDEOCODEC\ISADDON.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{274c0420-ebe0-4f1d-b473-edd1aa9b85dd}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Explorer Security Plugin 2006
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Explorer Security Plugin 2006#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Explorer Security Plugin 2006#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Security Add-On
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\explorer\run#isamonitor.exe [ C:\Program Files\iVideoCodec\isamonitor.exe ]

Trojan.Smitfraud Variant
HKLM\Software\Classes\CLSID\{8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c}
HKCR\CLSID\{8AA7A4D2-73C7-4FCA-BEF7-7923E38A3B1C}
HKCR\CLSID\{8AA7A4D2-73C7-4FCA-BEF7-7923E38A3B1C}\InProcServer32
HKCR\CLSID\{8AA7A4D2-73C7-4FCA-BEF7-7923E38A3B1C}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\TCZIJ.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\SharedTaskScheduler#{8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c}

Browser Hijacker.BestSafetyGuide
HKLM\Software\Classes\CLSID\{a43385f0-7113-496d-96d7-b9b550e3fcca}
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}\InprocServer32
HKCR\CLSID\{A43385F0-7113-496D-96D7-B9B550E3FCCA}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\IXT0.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{a43385f0-7113-496d-96d7-b9b550e3fcca}

Trojan.Media-Codec/V3
HKLM\Software\Classes\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}#xxx
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}\InprocServer32
HKCR\CLSID\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESPLG.DLL
HKLM\Software\Classes\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\Implemented Categories
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\InprocServer32
HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESBPL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{CDE8EAB9-CEF3-4885-B12F-26960A25C800}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{DF4E7A0C-E233-4906-B4C1-A404356541FF}

Adware.WhenU
C:\Program Files\Common Files\WhenU\DTAdapter.exe
C:\Program Files\Common Files\WhenU\DTPlugin.dll
C:\Program Files\Common Files\WhenU
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1017\DC5\SEARCH.EXE

Malware.Notifier
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\explorer\run#issearch.exe [ issearch.exe ]

Malware.VirusBurst
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\aTFltdjdrOyI
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\AutoConvertTo
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\dtmimalregpo
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\Insertable
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\mtksaymewr
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\pBeDhcke
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\ProgID
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\TMftgvaHVtahm
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\TreatAs
HKCR\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}\yuqbptcai
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\0
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\0\win32
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\FLAGS
HKCR\TypeLib\{ACF3DAB0-D308-4B7A-BFE3-E6C0FAFEB1E7}\1.0\HELPDIR
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\ProxyStubClsid
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\ProxyStubClsid32
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\TypeLib
HKCR\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}\TypeLib#Version
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\ProxyStubClsid
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\ProxyStubClsid32
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\TypeLib
HKCR\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}\TypeLib#Version
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\ProxyStubClsid
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\ProxyStubClsid32
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\TypeLib
HKCR\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}\TypeLib#Version
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\ProxyStubClsid
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\ProxyStubClsid32
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\TypeLib
HKCR\Interface\{1DF2A595-BB53-46D4-9EED-1343E066C2B0}\TypeLib#Version
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\ProxyStubClsid
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\ProxyStubClsid32
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\TypeLib
HKCR\Interface\{21EFA4BF-6BAC-43E9-9465-9DDB4AC2967E}\TypeLib#Version
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\ProxyStubClsid
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\ProxyStubClsid32
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\TypeLib
HKCR\Interface\{2CB87422-057A-4FFC-A518-6A728D6F5F65}\TypeLib#Version
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\ProxyStubClsid
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\ProxyStubClsid32
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\TypeLib
HKCR\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}\TypeLib#Version
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\ProxyStubClsid
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\ProxyStubClsid32
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\TypeLib
HKCR\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}\TypeLib#Version
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\ProxyStubClsid
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\ProxyStubClsid32
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\TypeLib
HKCR\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}\TypeLib#Version
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\ProxyStubClsid
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\ProxyStubClsid32
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\TypeLib
HKCR\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}\TypeLib#Version
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\ProxyStubClsid
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\ProxyStubClsid32
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\TypeLib
HKCR\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}\TypeLib#Version
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\ProxyStubClsid
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\ProxyStubClsid32
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\TypeLib
HKCR\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}\TypeLib#Version
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\ProxyStubClsid
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\ProxyStubClsid32
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\TypeLib
HKCR\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}\TypeLib#Version
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\ProxyStubClsid
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\ProxyStubClsid32
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\TypeLib
HKCR\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}\TypeLib#Version
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\ProxyStubClsid
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\ProxyStubClsid32
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\TypeLib
HKCR\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}\TypeLib#Version
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\ProxyStubClsid
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\ProxyStubClsid32
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\TypeLib
HKCR\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}\TypeLib#Version
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\explorer\run#pmsngr.exe [ C:\Program Files\iVideoCodec\pmsngr.exe ]

Adware.Casino Games (Golden Palace Casino)
C:\PROGRAM FILES\TITAN POKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TITAN POKER.LNK
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TITAN POKER.LNK
C:\POKER\MANSIONPOKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\MANSIONPOKER.LNK
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\NEW FOLDER\CASINO TYCOON\CASINO.EXE
C:\POKER\NOIQ POKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\NOIQ.LNK
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\POKER\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\MICHAEL 2\DESKTOP\POKER\TITAN POKER.LNK
C:\DOCUMENTS AND SETTINGS\STEPHEN.ELARA-035110920\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\TITAN POKER.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP584\A0283241.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP584\A0283242.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP584\A0283269.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286398.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286426.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286428.LNK
C:\SYSTEM VOLUME INFORMATION\_RESTORE{0838AAC6-3840-4DC0-9BF4-DD05217448FE}\RP586\A0286457.LNK

Browser Hijacker.Favorites
C:\DOCUMENTS AND SETTINGS\USER\FAVORITES\ANTIVIRUS TEST ONLINE.URL

Adware.MyWebSearch-Installer
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1008\DC95.EXE
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1008\DC97.EXE

Adware.Vundo Variant/Rel
C:\WINDOWS\SYSTEM32\IJJLM.BAK1
C:\WINDOWS\SYSTEM32\IJJLM.INI

Trojan.Unknown Origin
C:\WINDOWS\SYSTEM32\OT.ICO

I didn't download Avira Free but if it is necessary I will.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:22 PM, on 10/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.252.135 62.24.252.134
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 3404 bytes

You should instal Avira, but i think you should scan with AVG first. You still have an extensive infection.

Run a full scan with AVG. Fix what it finds.
Uninstall AVG.
Install Avira.
Update Avira.
Run Avira. Fix what it finds and post log.

After that you can uninstall Avira and reinstall AVG if you like it better. Just don't have them both running at the same time.

Then post a new HijackThis log.


Edit: And stop downloading cracked software.

Avira AntiVir Personal
Report file date: Monday, October 13, 2008 20:54

Scanning for 1681179 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ELARA-035110920

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 8/12/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 6/26/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 08:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 14:54:15
ANTIVIR2.VDF : 7.0.7.12 4066816 Bytes 10/8/2008 17:05:18
ANTIVIR3.VDF : 7.0.7.35 175104 Bytes 10/13/2008 17:05:21
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 10:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 10/13/2008 17:05:46
AESCN.DLL : 8.1.0.23 119156 Bytes 7/10/2008 13:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 10/13/2008 17:05:44
AEPACK.DLL : 8.1.2.3 364918 Bytes 10/13/2008 17:05:40
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 10/13/2008 17:05:37
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 10/13/2008 17:05:35
AEHELP.DLL : 8.1.0.15 115063 Bytes 7/10/2008 13:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 10/13/2008 17:05:25
AEEMU.DLL : 8.1.0.7 430452 Bytes 7/31/2008 09:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 10/13/2008 17:05:23
AEBB.DLL : 8.1.0.1 53617 Bytes 7/10/2008 13:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 10/13/2008 17:05:21
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Monday, October 13, 2008 20:54

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'stdialup.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'cidaemon.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avgnsx.exe' - '1' Module(s) have been scanned
Scan process 'avgrsx.exe' - '1' Module(s) have been scanned
Scan process 'postgres.exe' - '1' Module(s) have been scanned
Scan process 'postgres.exe' - '1' Module(s) have been scanned
Scan process 'postgres.exe' - '1' Module(s) have been scanned
Scan process 'postgres.exe' - '1' Module(s) have been scanned
Scan process 'postgres.exe' - '1' Module(s) have been scanned
Scan process 'postgres.exe' - '1' Module(s) have been scanned
Scan process 'srunner.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'pg_ctl.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'fsssvc.exe' - '1' Module(s) have been scanned
Scan process 'cisvc.exe' - '1' Module(s) have been scanned
Scan process 'avgwdsvc.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Michael 2\Desktop\New Folder\EZ_Screen_Recorder_v3.7.101707.rar
[0] Archive type: RAR
--> EZ Screen Recorder v3.7.101707_by_SAW\ezscreen.exe
[DETECTION] Is the TR/Agent.748085 Trojan
[NOTE] The file was moved to '4952b014.qua'!
C:\Documents and Settings\Michael 2\Desktop\New Folder\CS2\keygen.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
[NOTE] The file was moved to '496cb089.qua'!
C:\Documents and Settings\Michael 2\Desktop\New Folder\EZ Screen Recorder v3.7.101707_by_SAW\ezscreen.exe
[DETECTION] Is the TR/Agent.748085 Trojan
[NOTE] The file was moved to '4966b0a0.qua'!
C:\Documents and Settings\Michael 2\My Documents\GTA San Andreas User Files\User Tracks\Steven Spielberg gets a hilarious prank phone call.wma
[DETECTION] Is the TR/Wimad.A.Gen Trojan
[NOTE] The file was moved to '4958b1d2.qua'!
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Sun\Java\Deployment\cache\6.0\45\2bbf6c6d-23539ed3
[0] Archive type: ZIP
--> OP.class
[DETECTION] Contains recognition pattern of the EXP/ByteVerify.I exploit
[NOTE] The file was moved to '4955b664.qua'!
C:\Documents and Settings\Stephen.ELARA-035110920\Application Data\Sun\Java\Deployment\cache\6.0\55\265b8ef7-21890d4a
[0] Archive type: ZIP
--> BaaaaBaa.class
[DETECTION] Contains recognition pattern of the EXP/Java.Gimsh.A.14 exploit
[NOTE] The file was moved to '4928b657.qua'!
C:\Documents and Settings\Stephen.ELARA-035110920\Desktop\Games\PC_GTA.-3-.(ripped+dipped)\Grand Theft Auto 3.rar
[0] Archive type: RAR
--> Grand Theft Auto 3\Doesnt_work_tryThis.exe
[DETECTION] Is the TR/Zlob.2527 Trojan
[NOTE] The file was moved to '4954b6f5.qua'!
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\1RA5QEJC\free[1].htm
[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
[NOTE] The file was moved to '4958b796.qua'!
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\GS02XGTO\WIN%209,0,115,0i[1].htm
[0] Archive type: SWC
--> Object
[DETECTION] Contains recognition pattern of the EXP/Flash.Gen exploit
[NOTE] The file was moved to '4941b80c.qua'!
C:\Documents and Settings\Stephen.ELARA-035110920\Local Settings\Temporary Internet Files\Content.IE5\MWD17X5Z\WIN%209,0,115,0swf[1].htm
[0] Archive type: SWC
--> Object
[DETECTION] Contains recognition pattern of the EXP/Flash.Gen exploit
[NOTE] The file was moved to '4941b832.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[10].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baa8.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[11].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baa9.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[12].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821710a.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[13].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baab.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[14].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821710c.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[15].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baaa.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[16].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821710b.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[1].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baac.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[2].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821710d.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[3].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baad.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[4].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821710e.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[5].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baaf.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[6].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baae.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[7].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821710f.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[8].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bab0.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\41ED6JK7\404[9].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '48217111.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[10].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bac4.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[11].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bac5.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[12].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '48217166.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[13].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bac7.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[14].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '48217168.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[15].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bac6.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[1].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '48217167.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[2].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bac8.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[3].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bac9.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[4].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821716a.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[5].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927bacb.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[6].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821716c.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[7].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '48217169.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[8].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4927baca.qua'!
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\436N6L65\404[9].htm
[DETECTION] Contains recognition pattern of the EXP/MS05-013 exploit
[NOTE] The file was moved to '4821716b.qua'!
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1006\Dc14\Adobe.Photoshop.CS2.rar
[0] Archive type: RAR
--> CS2\keygen.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
[NOTE] The file was moved to '4962c621.qua'!
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1006\Dc14\rebuilt.rebuilt.Photoshop_CS2_tryout.zip
[0] Archive type: ZIP
--> Photoshop CS2/Adobe(R) Photoshop(R) CS2/Data1.cab
[1] Archive type: CAB (Microsoft)
--> _41D776C4957642068D4AA50F913C9A4B
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-2052111302-616249376-725345543-1006\Dc14\images\rebuilt.Photoshop_CS2_tryout.zip
[0] Archive type: ZIP
--> Photoshop CS2/Adobe(R) Photoshop(R) CS2/Data1.cab
[1] Archive type: CAB (Microsoft)
--> _41D776C4957642068D4AA50F913C9A4B
[WARNING] No further files can be extracted from this archive. The archive will be closed


End of the scan: Monday, October 13, 2008 23:07
Used time: 2:12:28 Hour(s)

The scan has been canceled!

16349 Scanning directories
442125 Files were scanned
43 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
42 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
442081 Files not concerned
5399 Archives were scanned
3 Warnings
42 Notes

The scan canceled at 99% percent I think, not sure why though.

Did you follow my other steps and run them on the administrator account? For some reason you are still seeing detections in your temp folders...

Yeah, I'm using an administrator account

Did you follow all my instructions though? I instructed you two use three different temp file cleaners:
1) ATF-Cleaner
2) CCleaner
3) Windows's Disk Cleanup

Any of these should have cleaned up your temp files as well as emptied your recycle bin. We ran all three and yet, you are still getting detections in your recycle bin and temp folders. Am i missing something here?

How many users accounts are on the computer? If you have followed my instructions fully, please trying logging into each user account individually and running the above 3 programs.

Yeah, I done all 3 of these. I followed your instructions exactly.

There are 4 users, I'll try logging into each now.

Ok, I've used the 3 different cleaners on every user account.

I'm assuming I should post a Hijack This log?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:08:08 PM, on 10/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\winmech\NTSERV~1\srunner.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\PokerTracker 3\PokerTracker.exe
C:\Program Files\PokerTracker 3\PokerTracker.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.222.135 62.24.222.134
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe (file missing)
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe

--
End of file - 4240 bytes

Thanks. Could you do me a favor and update MBAM and run a full system scan and post that log as well? In the meantime i'll be looking through your HJT log.

You still have some active malware running however i'd rather not run you through the hassle of removing the service manually. Could you run this online scanner for me? http://www.pandasecurity.com/homeuse...ns/activescan/ Save the report and paste it here in your next reply along with a fresh hijackthis log. Also, fix everything that panda finds. EDIT: Please register with Panda real fast for their disinfection capabilities instead of just report only. Or alternatively, run trend micro's housecall free scanl.

Do you know what this entry is O17 - HKLM\System\CCS\Services\Tcpip\..\{71F536DA-0383-44D5-9C3B-E98F81A1B3B0}: NameServer = 62.24.222.135 62.24.222.134? Or recognize those IP's in your internet settings?