[RESOLVED] Trojan problem
-
Hi guys, I seem to have a trojan that, according to Windows Defender, is a severe trojan. When I go about to run HijackThis it crashes it.
The trojan appears in Windows Defender as Trojan:Win32/Vundo.gen!C
Please could someone help!
Last edited by Digerati; 19-07-2008 at 04:11 PM.
Reason: Move to correct forum
-
Hi guys, wondering if you could help me, I have a trojan that according to Windows Defender is a server trojan!!
I tried to run HijackThis and the scan ran, but as soon as I went to save a log it keeps on saying that I have to delete HijackThis for it to work.
I ran both AVG and Avast virus scan and neither one could find anything. And anything they found and removed did not help....
When I perform a Windows Defender scan the name of the trojan is Trojan:Win32/Vundo.gen!E. Actually, the first time I ran the scan the trojan was Trojan:Win32/Vundo.gen!C.
Please could someone help me!
-
* Please download Malwarebytes' Anti-Malware from HERE or HERE
- Double-click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, initially select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note).
- A run log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply along with a fresh HijackThis log (see instructions below).
Tell us how your PC is now doing.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
---------------------------------------------------
Instructions to install HijackThis
---------------------------------------------------
Click here to download HJTInstall.exe (Trend Micro HijackThis v2.0.2).
- Save HJTsetup.exe to your desktop.
- Double click on the HJTsetup.exe icon on your desktop.
- By default it will install to C:\Program Files\HijackThis.
- Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
- Put a check by Create a desktop icon then click Next again.
- Continue to follow the rest of the prompts from there.
- At the final dialogue box click Finish and it will launch HijackThis.
- Click on the Do a system scan and save a logfile button.
- It will scan and the log should open in notepad.
- Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
- Come back here to this thread and Paste the log in your next reply.
- DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
- DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
-
Hi there, thank you for the reply, this is the mbam log file:
Malwarebytes' Anti-Malware 1.21
Database version: 971
Windows 6.0.6000
20:22:22 20/07/2008
mbam-log-7-20-2008 (20-22-22).txt
Scan type: Quick Scan
Objects scanned: 35833
Time elapsed: 4 minute(s), 20 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 35
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 12
Files Infected: 154
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\System32\vtuuutuU.dll (Trojan.Vundo) -> Unloaded module successfully.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{abbffa5f-6b66-477b-a56c-99f40558ce56} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{abbffa5f-6b66-477b-a56c-99f40558ce56} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{313907d9-4a98-43bd-bdd6-020bc0b5fb0c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{313907d9-4a98-43bd-bdd6-020bc0b5fb0c} (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtuuutuu -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtuuutuu -> Delete on reboot.
Files Infected:
C:\WINDOWS\System32\vtuuutuU.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\System32\Uutuuutv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\Uutuuutv.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\Mostafa\AppData\Roaming\VideoEgg\Updater\ 4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
And this is the HiJackThis log file:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:31:58, on 20/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Saitek\Software\ProfilerU.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK & Ireland
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [uTorrent Application] utorrentapp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10334 bytes
EDIT: The startup process is faster, I think it's better now!
Last edited by M_aureus; 20-07-2008 at 08:54 PM.
-
You should probably run the 'complete scan' for MBAM.
Please note that the use of UTORRENT or other P2P applications is likely responsible for your issues. If you continue to use such tools, you may need to have one, and only one at a time, stronger real-time (preventative, always-on) anti-malware tool in place, such as MBAM, SuperAntiSpyware, SpySweeper, or Spyware Doctor. Such tools MAY help but will not guarantee the absence of problems.
Let us know if you are having any additional issues.
Last edited by VopThis; 20-07-2008 at 09:39 PM.
Reason: one tool at a time