Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Dlcpr.exe, how i hate you..

Options
  • 09-06-2009 11:55am
    #1
    ExoduS 18.11
    Closed Accounts Posts: 450 ✭✭


    Hello all, i'm currently getting hassled by a programme called dlcpr.exe. I think it may have come from a friends usb device, as at the time i stupidly had my windows firewall down. It pops up like a dos window, and has a little cursor flying around in the box. I dont know how serious it is, and it hasnt happened in a while after i ran some virus scans etc, but to be on the safe side i downloaded combofix as recommended on another thread and ran it. This is the log file it produced and if anyone could tell me whether im safe or not that'd be great. Thanks !
    ComboFix 09-06-08.03 - Patrick 09/06/2009 11:40.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2046.842 [GMT 1:00]
    Running from: c:\documents and settings\Patrick\Desktop\ComboFix.exe
    AV: Norton Internet Security 2006 *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security 2006 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Autorun.inf
    C:\DSETUP16.DLL
    c:\recycler\S-1-5-21-0243336031-4052116379-881863308-0851
    c:\recycler\S-1-5-21-0243336031-4052116379-881863308-0851\Desktop.ini
    C:\setup.exe
    c:\windows\kb913800.exe
    E:\Autorun.inf
    E:\Desktop.ini

    .
    ((((((((((((((((((((((((( Files Created from 2009-05-09 to 2009-06-09 )))))))))))))))))))))))))))))))
    .

    2009-06-08 23:19 . 2009-06-08 23:19
    d
    w- c:\documents and settings\All Users\Application Data\SITEguard
    2009-06-08 23:16 . 2009-06-08 23:16
    d
    w- c:\program files\STOPzilla!
    2009-06-08 23:16 . 2009-06-08 23:16
    d
    w- c:\program files\Common Files\iS3
    2009-06-08 23:16 . 2009-06-09 10:35
    d
    w- c:\documents and settings\All Users\Application Data\STOPzilla!
    2009-06-08 22:26 . 2009-06-09 09:02
    d
    w- c:\program files\Spybot - Search & Destroy
    2009-06-08 22:26 . 2009-06-08 23:31
    d
    w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-06-08 21:28 . 2009-06-08 21:28
    d
    w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
    2009-06-08 21:26 . 2009-06-09 09:02
    d
    w- c:\program files\DAEMON Tools Lite
    2009-06-08 21:20 . 2009-06-08 21:20 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
    2009-06-08 21:20 . 2009-06-08 21:29
    d
    w- c:\documents and settings\Patrick\Application Data\DAEMON Tools Lite
    2009-06-08 15:34 . 2009-06-08 15:34
    d
    w- c:\documents and settings\Patrick\Local Settings\Application Data\PunkBuster
    2009-06-04 23:29 . 2009-06-04 23:29
    d
    w- c:\windows\system32\windows media
    2009-06-04 23:29 . 2009-06-04 23:29
    d--h--w- c:\windows\msdownld.tmp
    2009-06-04 23:29 . 2009-06-04 23:29
    d
    w- c:\program files\Windows Media Components
    2009-06-04 23:25 . 2006-03-15 20:00 57398 ----a-w- c:\windows\system32\dllcache\imjpdadm.exe
    2009-06-03 18:10 . 2004-08-03 22:07 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
    2009-06-01 23:51 . 2009-06-01 23:51 56 ---ha-w- c:\windows\system32\ezsidmv.dat
    2009-06-01 23:51 . 2009-06-09 09:06
    d
    w- c:\documents and settings\Patrick\Application Data\skypePM
    2009-06-01 23:49 . 2009-06-09 10:28
    d
    w- c:\documents and settings\Patrick\Application Data\Skype
    2009-06-01 23:49 . 2009-06-01 23:49
    d
    w- c:\program files\Common Files\Skype
    2009-06-01 23:49 . 2009-06-01 23:49
    d
    r- c:\program files\Skype
    2009-06-01 23:49 . 2009-06-01 23:49
    d
    w- c:\documents and settings\All Users\Application Data\Skype
    2009-05-28 13:16 . 2009-05-28 13:16 17408 ----a-r- c:\windows\system32\SZIO5.dll
    2009-05-28 13:15 . 2009-05-28 13:15 294912 ----a-r- c:\windows\system32\SZBase5.dll
    2009-05-28 13:14 . 2009-05-28 13:14 540672 ----a-r- c:\windows\system32\SZComp5.dll
    2009-05-16 21:19 . 2009-05-16 21:19 53760 ----a-w- c:\documents and settings\Patrick\Application Data\Thinstall\WORD 2007\300000008c00002h\offlb.exe
    2009-05-13 23:47 . 2009-05-13 23:47 53760 ----a-w- c:\documents and settings\Patrick\Application Data\Thinstall\WORD 2007\1000000b00002h\verclsid.exe
    2009-05-12 13:13 . 2009-05-12 13:13 61328 ----a-r- c:\windows\system32\drivers\SZKG.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-06-09 10:46 . 2008-02-18 23:03
    d
    w- c:\documents and settings\Patrick\Application Data\DMCache
    2009-06-09 09:28 . 2006-10-26 10:53
    d
    w- c:\program files\NetWaiting
    2009-06-09 09:28 . 2006-10-26 17:09
    d--h--w- c:\program files\InstallShield Installation Information
    2009-06-09 09:24 . 2006-10-26 10:40
    d
    w- c:\program files\GemMaster
    2009-06-09 09:23 . 2006-12-26 01:44
    d
    w- c:\program files\Creative
    2009-06-09 09:20 . 2009-06-09 09:05 3144 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
    2009-06-09 09:08 . 2006-10-26 10:24
    d
    w- c:\program files\Common Files\Symantec Shared
    2009-06-08 18:50 . 2007-09-22 12:20 138168 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2009-06-08 18:50 . 2007-09-16 16:09 189472 ----a-w- c:\windows\system32\PnkBstrB.exe
    2009-06-08 15:36 . 2007-09-16 16:09 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
    2009-06-08 13:45 . 2007-09-16 19:21
    d
    w- c:\program files\EA GAMES
    2009-06-05 13:14 . 2006-10-26 10:16 70600 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-06-03 21:45 . 2006-12-26 01:02 410 ----a-w- c:\documents and settings\Patrick\Application Data\wklnhst.dat
    2009-04-25 11:58 . 2009-04-25 11:58 53760 ----a-w- c:\documents and settings\Patrick\Application Data\Thinstall\WORD 2007\4000002900002h\navw32.exe
    2009-04-25 11:58 . 2009-04-25 11:58
    d
    w- c:\documents and settings\Patrick\Application Data\Thinstall
    2009-04-16 14:50 . 2006-10-26 11:05
    d
    w- c:\program files\Common Files\LightScribe
    2009-04-16 13:07 . 2009-04-16 13:07
    d
    w- c:\program files\Bullfrog
    2009-04-16 12:39 . 2009-04-16 12:20
    d
    w- c:\program files\Mafia
    2009-03-27 09:56 . 2009-03-27 09:56 126976 ----a-r- c:\windows\system32\IS3HTUI5.dll
    2009-03-27 09:55 . 2009-03-27 09:55 393216 ----a-r- c:\windows\system32\IS3DBA5.dll
    2009-03-27 09:55 . 2009-03-27 09:55 372736 ----a-r- c:\windows\system32\IS3UI5.dll
    2009-03-27 09:55 . 2009-03-27 09:55 61440 ----a-r- c:\windows\system32\IS3Hks5.dll
    2009-03-27 09:54 . 2009-03-27 09:54 23040 ----a-r- c:\windows\system32\IS3XDat5.dll
    2009-03-27 09:54 . 2009-03-27 09:54 221184 ----a-r- c:\windows\system32\IS3Win325.dll
    2009-03-27 09:54 . 2009-03-27 09:54 94208 ----a-r- c:\windows\system32\IS3Inet5.dll
    2009-03-27 09:53 . 2009-03-27 09:53 90112 ----a-r- c:\windows\system32\IS3Svc5.dll
    2009-03-27 09:50 . 2009-03-27 09:50 716800 ----a-r- c:\windows\system32\IS3Base5.dll
    2006-12-25 19:10 . 2006-12-25 19:10 251 -c--a-w- c:\program files\wt3d.ini
    2005-10-12 15:04 . 2005-10-12 15:04 131072 -c--a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
    2006-06-07 14:40 . 2006-06-07 14:40 132848 -c--a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-04-28 692224]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-22 68856]
    "Steam"="d:\program files\steam.exe" [2009-05-23 1217784]
    "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 307200]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-16 15360]
    "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
    "IDMan"="d:\internet download manager\IDMan.exe" [2008-07-15 931248]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-16 24264488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
    "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-11 36975]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-09-27 7585792]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-09-27 86016]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-02-11 53096]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-19 102400]
    "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 163840]
    "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]
    "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
    "Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]
    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]
    "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 222208]
    "NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 2658304]
    "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
    "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]
    "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2008-08-19 190024]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-09-27 1617920]
    "MsmqIntCert"="mqrt.dll" - c:\windows\system32\mqrt.dll [2007-07-06 177152]
    "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" - c:\windows\system32\CHDAudPropShortcut.exe [2006-06-02 61952]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-16 15360]
    "PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]

    c:\documents and settings\Patrick\Start Menu\Programs\Startup\
    PowerReg SchedulerV2.exe [2007-11-18 256000]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-12 581693]
    Extender Resource Monitor.lnk - c:\windows\ehome\RMSysTry.exe [2005-10-20 18432]
    HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\system32\MsgPlusLoader.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\WINDOWS\\system32\\mqsvc.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "d:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "d:\\Rockstar Games Social Club\\RGSCLauncher.exe"=
    "d:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3776:UDP"= 3776:UDP:Media Center Extender Service
    "3390:TCP"= 3390:TCP:Remote Media Center Experience
    "12966:TCP"= 12966:TCP:BitComet 12966 TCP
    "12966:UDP"= 12966:UDP:BitComet 12966 UDP
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R0 szkg5;szkg;c:\windows\system32\drivers\SZKG.sys [12/05/2009 14:13 61328]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [01/02/2007 00:57 24652]
    R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [06/06/2006 21:39 61952]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys [24/02/2007 00:41 102712]
    S3 DUSBTAWAN;DrayTek USB NDISWAN Driver;c:\windows\system32\DRIVERS\musbwn2k.sys --> c:\windows\system32\DRIVERS\musbwn2k.sys [?]
    S3 FakeWDMmdm;DWDMCOMM;c:\windows\system32\DRIVERS\dusbcomm.sys --> c:\windows\system32\DRIVERS\dusbcomm.sys [?]
    S3 mDTA128;miniVigor USB;c:\windows\system32\DRIVERS\musbta2kc.sys --> c:\windows\system32\DRIVERS\musbta2kc.sys [?]
    S3 MODBDA2;DiBcom MOD3000 TV receiver;c:\windows\system32\drivers\modbda2.sys [13/06/2006 02:53 68736]
    S3 PEEK5;PEEK5 Protocol Driver;\??\c:\docume~1\Patrick\LOCALS~1\Temp\Rar$EX01.344\WINDOW~1\AIRSNO~1.6_W\PEEK5.SYS --> c:\docume~1\Patrick\LOCALS~1\Temp\Rar$EX01.344\WINDOW~1\AIRSNO~1.6_W\PEEK5.SYS [?]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - COMHOST

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    QWAVE REG_MULTI_SZ QWAVE
    .
    Contents of the 'Scheduled Tasks' folder

    2009-06-04 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42]

    2009-06-05 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - Patrick.job
    - c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2005-10-07 11:13]
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
    HKCU-Run-LClock - c:\program files\LClock\LClock.exe
    HKCU-Run-Vista Sidebar - c:\program files\Vista Sidebar\sidebar.exe
    HKCU-Run-ViStart - c:\program files\ViStart\ViStart.exe
    HKCU-Run-VisualTooltip - c:\program files\VisualTooltip\VisualToolTip.exe
    SafeBoot-procexp90.Sys


    .
    Supplementary Scan
    .
    uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=pavilion&pf=laptop
    uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=pavilion&pf=laptop
    uInternet Settings,ProxyOverride = *.local
    IE: Download all links with IDM - d:\internet download manager\IEGetAll.htm
    IE: Download FLV video content with IDM - d:\internet download manager\IEGetVL.htm
    IE: Download with IDM - d:\internet download manager\IEExt.htm
    IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    LSP: c:\program files\Common Files\iS3\Anti-Spyware\iS3lsp.dll
    FF - ProfilePath - c:\documents and settings\Patrick\Application Data\Mozilla\Firefox\Profiles\ugl3b77b.default\
    FF - prefs.js: browser.search.selectedEngine - DAEMON Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.ie/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - component: c:\documents and settings\Patrick\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
    FF - plugin: c:\documents and settings\Patrick\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV80Win32.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
    FF - plugin: d:\program files\DivX Content Uploader\npUpload.dll
    FF - plugin: d:\program files\DivX Player\npDivxPlayerPlugin.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-06-09 11:45
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ???Hj??????`?

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    LOCKED REGISTRY KEYS

    [HKEY_USERS\S-1-5-21-3013978292-1391118798-986020059-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4B92988C-0347-95CD-C8C3-17D7783AEDE8}*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{080f0b92-c235-4f08-91e5-dfcacd70cdfd}]
    @Denied: (Full) (Everyone)
    "Model"=dword:00000043
    "Therad"=dword:00000014

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3555272f-a77b-4254-ad1a-2fc40c93e575}]
    @Denied: (Full) (Everyone)
    "Model"=dword:000000c3
    "Therad"=dword:00000013
    "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,a4,09,8b,91,8a,
    32,51,9b,04,a3,b7,bd,5b,11,77,40,03,29,24,ea,7f,a2,69,f7,bd,7f,97,94,4f,ee,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):9b,8a,81,e6,b8,df,12,37,d4,cc,5e,0d,d5,ac,4e,1b,77,52,0f,bc,c2,
    10,51,17,11,0e,18,37,68,cb,e4,93,30,34,19,63,0a,5b,43,11,00,00,00,00,00,00,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):a1,c4,2d,e2,a5,3b,78,a3,59,4f,e5,aa,1b,a3,12,f7,c3,66,1b,82,2a,
    d5,9f,e6,a3,6f,e5,4d,2e,49,1c,6b,39,51,31,74,ff,e5,c3,bb,00,00,00,00,00,00,\
    .
    DLLs Loaded Under Running Processes

    - - - - - - - > 'winlogon.exe'(1112)
    c:\windows\system32\MsgPlusLoader.dll

    - - - - - - - > 'lsass.exe'(1168)
    c:\windows\system32\MsgPlusLoader.dll
    c:\program files\Common Files\iS3\Anti-Spyware\iS3lsp.dll
    .
    Completion time: 2009-06-09 11:49
    ComboFix-quarantined-files.txt 2009-06-09 10:49

    Pre-Run: 9,815,506,944 bytes free
    Post-Run: 10,349,985,792 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

    278 --- E O F --- 2009-06-06 00:02


Comments

  • Options
    #2
    ActorSeeksJob
    Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    don't put the logs in quotes

    Please download OTM
    • Save it to your desktop.
    • Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
    • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      :Processes
explorer.exe

:Services

:Reg

:Files
c:\windows\system32\drivers\kgpcpy.cfg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
    • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
    • Close OTM
    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.



    Download Flash_Disinfector.exe from here and save it to your desktop.
    • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
    • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
    • Wait until it has finished scanning and then exit the program.
    • Reboot your computer when done.

      Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you run it. Don't delete this folder...it will help protect your drives from future infection.


  • Options
    #3
    ExoduS 18.11
    Closed Accounts Posts: 450 ✭✭ExoduS 18.11


    sorry about that, I dont have the flash drive with me, so should i run that flash programme anyways on my computer? Also, when i click your link to OTM my browser freezes and nothing happens ?

    Edit: I went to geekstogo, but they dont have OTM listed?


  • Options
    #4
    ActorSeeksJob
    Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    Delete this file yourself then

    c:\windows\system32\drivers\kgpcpy.cfg


    and go run flash drive disinfecter anyway


  • Options
    #5
    ExoduS 18.11
    Closed Accounts Posts: 450 ✭✭ExoduS 18.11


    Thanks for your replies. I deleted that file, although i dont know what that file was? The link provided freezes up my browser so couldnt run it. Should i be ok without it ? have you heard of this file before?


  • Options
    #6
    ActorSeeksJob
    Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    do this

    Download TFC to your desktop
    • Open the file and close any other windows.
    • It will close all programs itself when run, make sure to let it run uninterrupted.
    • Click the Start button to begin the process. The program should not take long to finish its job
    • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean




    Please download Malwarebytes' Anti-Malware from Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.






    Go to Kaspersky website and perform an online antivirus scan.
    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
        Spyware, Adware, Dialers, and other potentially dangerous programs
        Archives
        Mail databases
      [*]Click on My Computer under Scan.
      [*]Once the scan is complete, it will display the results. Click on View Scan Report.
      [*]You will see a list of infected items there. Click on Save Report As....
      [*]Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.


    5. Advertisement
    6. Options
      #7
      ExoduS 18.11
      Closed Accounts Posts: 450 ✭✭ExoduS 18.11


      Here is the log from Malwarebytes, this was done before the THC cleanup.
      sorry about the quote !
      Malwarebytes' Anti-Malware 1.37
      Database version: 2252
      Windows 5.1.2600 Service Pack 2

      09/06/2009 13:37:44
      mbam-log-2009-06-09 (13-37-44).txt

      Scan type: Quick Scan
      Objects scanned: 103106
      Time elapsed: 7 minute(s), 33 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 27
      Registry Values Infected: 0
      Registry Data Items Infected: 1
      Folders Infected: 18
      Files Infected: 274

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Folders Infected:
      c:\documents and settings\Patrick\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\Resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

      Files Infected:
      C:\Documents and Settings\Patrick\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\bebo_tv_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\bebo_tv_watermark_1.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\camcorder_slide copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\mobile_btn_highlighted copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\skin.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\skin.zip (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\videoegg-large.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\videoegg-small.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\videoegg.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Data\resources\gid329\cid1124\bebo03\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      c:\documents and settings\Patrick\application data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.


    7. Options
      #8
      ActorSeeksJob
      Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


      ok lets see the kaspersky log as well


    8. Options
      #9
      ExoduS 18.11
      Closed Accounts Posts: 450 ✭✭ExoduS 18.11


      thats taking some time to complete, so i will edit this post when it finishes, i really appreciate this help thank you very much!
      Edit: crashed twice, third attempt and im only 40% done after 2 hours!


    Advertisement