infected WinBlueSoft please help

"{761C039E-3709-4715-834A-4A17AD1F0578}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{93D90DC2-A6AE-4BDD-A7E2-A91459319384}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{EBE4AFE7-E221-4DFD-A0F7-E03DC129BC87}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{0BFAAF13-D332-44F7-8293-3A5871AEA6CF}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{155840C3-BF79-4588-B29E-7B5F6BE622E9}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{CA46294F-5472-4873-9F60-FB83CA76016D}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{10FA813D-F8AD-407A-8281-D18A6B4B2613}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{2FAB5531-5F74-4771-BFD5-66F64C75DB3D}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{EE0410C7-1803-46FF-8EE8-50477F0A0135}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{F132BBC8-B858-46BC-8A44-B7AF5FB9DB7A}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{BA252A4F-F4CD-479A-863F-A117ACCFAA2E}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{E0D038F8-68D3-40C4-8D26-7348FB7E3AFD}c:\\program files\\steam\\steamapps\\scott_mc\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\scott_mc\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{0E61E00F-E6FD-47B6-BEB6-75E77EA9BA12}c:\\program files\\steam\\steamapps\\scott_mc\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\scott_mc\condition zero\hl.exe:Half-Life Launcher
"{6FBB6E09-464E-4261-9C57-354A6723B0A1}"= UDP:c:\program files\IDA\idag.exe:Interactive Disassembler (32-bit)
"{29194911-63D9-4033-ACE7-9A4FDC7E756B}"= TCP:c:\program files\IDA\idag.exe:Interactive Disassembler (32-bit)
"{21DB8702-17AC-44E1-AFBB-717A9F9B0FFC}"= UDP:c:\program files\IDA\idag64.exe:Interactive Disassembler (64-bit)
"{83FF4F94-FAB9-4ED2-B6BF-1158977F33E1}"= TCP:c:\program files\IDA\idag64.exe:Interactive Disassembler (64-bit)
"TCP Query User{8A4D63AA-F8A3-4F89-9355-F2D887A51F9D}c:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{E7AE56B6-2249-4F7D-9D2B-50F8058312D8}c:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{A857F673-DB63-4421-ABFF-745A1E46C1BF}c:\\program files\\steam\\steamapps\\aston1shed_2010\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\aston1shed_2010\counter-strike source\hl2.exe:hl2
"UDP Query User{A57BB077-43E0-4EEF-85CE-B08893460288}c:\\program files\\steam\\steamapps\\aston1shed_2010\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\aston1shed_2010\counter-strike source\hl2.exe:hl2
"TCP Query User{5EE58F85-44BB-4B3B-B3F3-1AA97C5765BF}c:\\program files\\world of warcraft\\wow-2.3.3.7799-to-2.4.0.8089-engb-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.3.3.7799-to-2.4.0.8089-engb-downloader.exe:Blizzard Downloader
"UDP Query User{95A13781-1EE4-44DF-8F37-FF2460C8C19E}c:\\program files\\world of warcraft\\wow-2.3.3.7799-to-2.4.0.8089-engb-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.3.3.7799-to-2.4.0.8089-engb-downloader.exe:Blizzard Downloader
"TCP Query User{7BFF6A19-89EB-4891-8D56-C88F3835E53E}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{6273C1DA-AE93-42A6-A01E-29066F7E7A38}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{6769E78C-C1D5-4936-B1C9-C348886DB1AD}c:\\program files\\steam\\steamapps\\mcpc0@hotmail.com\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\mcpc0@hotmail.com\counter-strike source\hl2.exe:hl2
"UDP Query User{8D92652B-33E3-441B-8F9E-F6064597F3F1}c:\\program files\\steam\\steamapps\\mcpc0@hotmail.com\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\mcpc0@hotmail.com\counter-strike source\hl2.exe:hl2
"TCP Query User{4C8B887C-6D85-4D0C-9BBD-6C24DB160FC2}c:\\program files\\steam\\steamapps\\mcpc0@hotmail.com\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\mcpc0@hotmail.com\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{38F2F7A1-0253-49B6-ABD8-1FA34F5019F2}c:\\program files\\steam\\steamapps\\mcpc0@hotmail.com\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\mcpc0@hotmail.com\counter-strike\hl.exe:Half-Life Launcher
"{3D71B7BF-19E3-4582-8AD0-954D0C7AC474}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{3645D606-55F3-487D-B4E5-8322826077BF}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{8F3314DB-ABA0-4197-AE88-C9C7964A1B43}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{B7D81DDF-80EC-4C5D-AE04-91C536678936}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"TCP Query User{7CC15D18-11F5-4428-B568-8830E161A6CD}c:\\users\\scott\\desktop\\portable.limewire.pro.4.18.8.exe"= UDP:c:\users\scott\desktop\portable.limewire.pro.4.18.8.exe:portable.limewire.pro.4.18.8.exe
"UDP Query User{D8AC4E80-B614-4783-AD3D-E122B9999C5A}c:\\users\\scott\\desktop\\portable.limewire.pro.4.18.8.exe"= TCP:c:\users\scott\desktop\portable.limewire.pro.4.18.8.exe:portable.limewire.pro.4.18.8.exe
"TCP Query User{82734D7C-3062-430F-9D2E-159007884B3B}c:\\ac web ultimate repack\\ascent\\ascent-logonserver.exe"= UDP:c:\ac web ultimate repack\ascent\ascent-logonserver.exe:ascent-logonserver
"UDP Query User{43A8A9C4-CE05-4E42-8CF4-E3587B7E26D3}c:\\ac web ultimate repack\\ascent\\ascent-logonserver.exe"= TCP:c:\ac web ultimate repack\ascent\ascent-logonserver.exe:ascent-logonserver
"TCP Query User{8B462CEB-21BE-486B-8AA5-F0C553FE0304}c:\\ac web ultimate repack\\ascent\\ascent-world.exe"= UDP:c:\ac web ultimate repack\ascent\ascent-world.exe:ascent-world
"UDP Query User{B8DD5858-A32B-4068-81DE-F2347D10D300}c:\\ac web ultimate repack\\ascent\\ascent-world.exe"= TCP:c:\ac web ultimate repack\ascent\ascent-world.exe:ascent-world
"TCP Query User{FF6D3A18-52E4-4D74-9217-ACFA0CF452A8}c:\\ac web ultimate repack\\server\\apache\\bin\\apache.exe"= UDP:c:\ac web ultimate repack\server\apache\bin\apache.exe:Apache HTTP Server
"UDP Query User{A8D1B1A8-DB72-46A1-925F-1F203E3507A7}c:\\ac web ultimate repack\\server\\apache\\bin\\apache.exe"= TCP:c:\ac web ultimate repack\server\apache\bin\apache.exe:Apache HTTP Server
"TCP Query User{E9627F2D-A466-4E8B-8A18-0FB7877D6215}c:\\ac web ultimate repack\\server\\mysql\\bin\\mysqld.exe"= UDP:c:\ac web ultimate repack\server\mysql\bin\mysqld.exe:mysqld
"UDP Query User{776B35C2-F8A2-4AFE-BC46-67F6153EB124}c:\\ac web ultimate repack\\server\\mysql\\bin\\mysqld.exe"= TCP:c:\ac web ultimate repack\server\mysql\bin\mysqld.exe:mysqld
"TCP Query User{C31A3710-28D8-4889-981E-55F210F4CAD7}c:\\ac web ultimate repack\\arcemu\\arcemu-logonserver.exe"= UDP:c:\ac web ultimate repack\arcemu\arcemu-logonserver.exe:arcemu-logonserver
"UDP Query User{913B27BD-9F9C-4093-A659-52330AC937CE}c:\\ac web ultimate repack\\arcemu\\arcemu-logonserver.exe"= TCP:c:\ac web ultimate repack\arcemu\arcemu-logonserver.exe:arcemu-logonserver
"TCP Query User{294A466C-4755-48D6-B55C-4EBABD53325B}c:\\ac web ultimate repack\\arcemu\\arcemu-world.exe"= UDP:c:\ac web ultimate repack\arcemu\arcemu-world.exe:arcemu-world
"UDP Query User{D6D887F5-532A-4A73-989C-E30BC59F4E1A}c:\\ac web ultimate repack\\arcemu\\arcemu-world.exe"= TCP:c:\ac web ultimate repack\arcemu\arcemu-world.exe:arcemu-world
"TCP Query User{D5D7C6C6-8D0C-4799-8115-5A1C715F2D74}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{7FFD8DB4-5F51-4B51-88F2-DF04E90D67EF}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{97935961-DA5A-47BE-83D5-B115C3F5B8A0}c:\\users\\scott\\desktop\\wow-3.0.1.8874-ptr-eu-installer-downloader.exe"= UDP:c:\users\scott\desktop\wow-3.0.1.8874-ptr-eu-installer-downloader.exe:wow-3.0.1.8874-ptr-eu-installer-downloader.exe
"UDP Query User{82C4255D-1DCB-4D33-88E9-7F97EAF67D89}c:\\users\\scott\\desktop\\wow-3.0.1.8874-ptr-eu-installer-downloader.exe"= TCP:c:\users\scott\desktop\wow-3.0.1.8874-ptr-eu-installer-downloader.exe:wow-3.0.1.8874-ptr-eu-installer-downloader.exe
"TCP Query User{A1B5E320-41A9-4E4B-ABEB-89CA02571579}c:\\program files\\world of warcraft - copy\\repair.exe"= UDP:c:\program files\world of warcraft - copy\repair.exe:Blizzard Repair Utility
"UDP Query User{498E04BC-B1BD-48FF-8EA8-14DC00451860}c:\\program files\\world of warcraft - copy\\repair.exe"= TCP:c:\program files\world of warcraft - copy\repair.exe:Blizzard Repair Utility
"TCP Query User{F8FE4969-6E7D-4A77-8496-A079DA09A93B}c:\\program files\\world of warcraft - copy\\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe"= UDP:c:\program files\world of warcraft - copy\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe:Blizzard Downloader
"UDP Query User{AD5DDA51-4308-4945-B2ED-89F0592DC4ED}c:\\program files\\world of warcraft - copy\\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe"= TCP:c:\program files\world of warcraft - copy\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe:Blizzard Downloader
"TCP Query User{ED671AC8-5B18-4984-9CCE-87562CBE22D3}c:\\program files\\world of warcraft - copy\\wow-2.2.0.7272-to-2.2.2.7318-engb-downloader.exe"= UDP:c:\program files\world of warcraft - copy\wow-2.2.0.7272-to-2.2.2.7318-engb-downloader.exe:Blizzard Downloader
"UDP Query User{237044AF-1F00-4544-9D54-572CD9078D9E}c:\\program files\\world of warcraft - copy\\wow-2.2.0.7272-to-2.2.2.7318-engb-downloader.exe"= TCP:c:\program files\world of warcraft - copy\wow-2.2.0.7272-to-2.2.2.7318-engb-downloader.exe:Blizzard Downloader
"{B93CF040-4911-4DAF-91E6-7D307E801254}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{F6D13E30-3193-4E2F-8F82-FCF37FA3177A}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{4B65E87E-8CCA-4F7D-970B-C810914E5D3B}"= UDP:c:\program files\TalkTalk\agent\bin\bcont.exe:bcont.exe

"{44C4DDFA-6D41-43E5-9E08-E3A970B337F9}"= TCP:c:\program files\TalkTalk\agent\bin\bcont.exe:bcont.exe
"{6E532266-F880-4DD6-8EAC-B1EDBA938EA1}"= UDP:c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe:tgsrvc.exe
"{D9BE21A9-5749-420A-8838-B98A37C95CF6}"= TCP:c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe:tgsrvc.exe
"{BBEB5EED-8801-4B46-8508-40AA5D1D7DA3}"= UDP:c:\program files\TalkTalk\agent\bin\bcont_nm.exe:bcont_nm.exe
"{C5E7D008-C917-449F-8D85-50337B02873D}"= TCP:c:\program files\TalkTalk\agent\bin\bcont_nm.exe:bcont_nm.exe
"{DF2DCEFA-274D-41D3-86EE-AB4768D68936}"= UDP:c:\program files\TalkTalk\bin\sprtcmd.exe:sprtcmd.exe
"{2A70023B-CDF5-48D8-97DE-C0D0824A915A}"= TCP:c:\program files\TalkTalk\bin\sprtcmd.exe:sprtcmd.exe
"TCP Query User{C3BD3C09-8BD3-4D77-B521-38F9DCDD9781}c:\\program files\\tortun\\gui.exe"= UDP:c:\program files\tortun\gui.exe:gui
"UDP Query User{B2D76B43-452E-4ED5-B0D2-956075BFC292}c:\\program files\\tortun\\gui.exe"= TCP:c:\program files\tortun\gui.exe:gui
"TCP Query User{0386E685-E607-4206-8A42-09E6EF56C80A}c:\\program files\\steam\\steamapps\\mcpc0@hotmail.com\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\mcpc0@hotmail.com\day of defeat source\hl2.exe:hl2
"UDP Query User{283D618A-4745-4627-AACF-E8ED08F28995}c:\\program files\\steam\\steamapps\\mcpc0@hotmail.com\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\mcpc0@hotmail.com\day of defeat source\hl2.exe:hl2
"TCP Query User{FC851302-9865-47B5-95BD-1FF78B917F21}c:\\users\\scott\\appdata\\local\\temp\\blizzard launcher temporary - 6c6a4758\\launcher.exe"= UDP:c:\users\scott\appdata\local\temp\blizzard launcher temporary - 6c6a4758\launcher.exe:launcher.exe
"UDP Query User{F71A4240-4C90-4B5D-B6D5-13A8F6FF99B8}c:\\users\\scott\\appdata\\local\\temp\\blizzard launcher temporary - 6c6a4758\\launcher.exe"= TCP:c:\users\scott\appdata\local\temp\blizzard launcher temporary - 6c6a4758\launcher.exe:launcher.exe
"TCP Query User{D214C4D6-700C-4175-BB5C-F11AEF0AFC24}c:\\users\\scott\\appdata\\local\\temp\\blizzard launcher temporary - 0f0ffcd0\\launcher.exe"= UDP:c:\users\scott\appdata\local\temp\blizzard launcher temporary - 0f0ffcd0\launcher.exe:launcher.exe
"UDP Query User{9348E2C0-E968-494E-A173-B0C42D3BD649}c:\\users\\scott\\appdata\\local\\temp\\blizzard launcher temporary - 0f0ffcd0\\launcher.exe"= TCP:c:\users\scott\appdata\local\temp\blizzard launcher temporary - 0f0ffcd0\launcher.exe:launcher.exe
"TCP Query User{257BD373-9D1F-4380-B854-464C30B85AFB}c:\\users\\public\\games\\world of warcraft\\backgrounddownloader.exe"= UDP:c:\users\public\games\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{F2318057-90F2-442E-BBD9-CAD97A836127}c:\\users\\public\\games\\world of warcraft\\backgrounddownloader.exe"= TCP:c:\users\public\games\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"{C4587A73-BA0E-44EE-B238-F0E1048CF282}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{7FB7EDD0-092B-4D0A-829C-4B3C10C01CA1}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{E4787157-F50F-4B65-9349-D55D48687E48}c:\\program files\\snatch_server\\winsnatch.exe"= UDP:c:\program files\snatch_server\winsnatch.exe:Snatch Server for Windows
"UDP Query User{3D06DECC-CD9E-4B58-8D48-B896700E8D77}c:\\program files\\snatch_server\\winsnatch.exe"= TCP:c:\program files\snatch_server\winsnatch.exe:Snatch Server for Windows
"TCP Query User{F178F7AD-413B-472D-AE08-D74D6065EAD5}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= UDP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{25E261D6-2BDC-4473-BB5D-C2271245243C}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= TCP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
"TCP Query User{93930A94-DB5E-4AC9-A59E-761BE56529A0}c:\\program files\\spotify\\spotify.exe"= UDP:c:\program files\spotify\spotify.exe:Spotify
"UDP Query User{2DBA4EE5-BC71-4B55-B671-45A0A0E72921}c:\\program files\\spotify\\spotify.exe"= TCP:c:\program files\spotify\spotify.exe:Spotify
"TCP Query User{C273D41D-D929-456A-A949-D9DB800A34A4}c:\\program files\\america's army deploy client\\aadeployclient.exe"= UDP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"UDP Query User{72A20655-C501-4788-9C56-A1A5D62C7247}c:\\program files\\america's army deploy client\\aadeployclient.exe"= TCP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"{27FD320C-9022-4B60-9BC8-1E7C8BC8C884}"= UDP:c:\program files\Curse\CurseClient.exe:Curse Client
"{03058D59-FF08-4E62-964E-2564BCE0AD1A}"= TCP:c:\program files\Curse\CurseClient.exe:Curse Client
"TCP Query User{515DDE03-7182-4150-B0EE-B307B959FAF6}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{816AE5B4-3E60-4D7A-9DD2-06AF3CB436A8}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{63B92931-EDFF-4991-8084-CDDD299AD809}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{BFB04170-1A10-41EA-97EF-628C5015A893}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

R2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [12/10/2007 10:33 202016]
R2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [02/08/2007 15:42 148768]
S2 gupdate1c98fbc2d3a1698;Google Update Service (gupdate1c98fbc2d3a1698);c:\program files\Google\Update\GoogleUpdate.exe [15/02/2009 23:24 133104]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\System32\drivers\dadder.sys [11/10/2007 16:36 10880]
S3 LachesisFltr;Lachesis Mouse Driver;c:\windows\System32\drivers\Lachesis.sys [29/05/2008 12:23 12032]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\System32\drivers\s115bus.sys [23/04/2007 14:54 83208]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [18/06/2009 21:06 356920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-18 23:21]

2009-06-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 22:24]

2009-06-17 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-07-02 08:02]

2008-07-02 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-07-02 08:02]

2008-07-02 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2008-07-02 08:03]

2009-06-18 c:\windows\Tasks\User_Feed_Synchronization-{048CF391-1260-4681-BF9F-F2955DFE09B8}.job
- c:\windows\system32\msfeedssync.exe [2009-05-12 11:31]

2009-06-17 c:\windows\Tasks\User_Feed_Synchronization-{FA0F7F40-8933-436D-B4E1-D7479C7FAB80}.job
- c:\windows\system32\msfeedssync.exe [2009-05-12 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\hz08j3tx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1361345&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - The_Pirate_Bay Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 4
FF - component: c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\hz08j3tx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\users\Scott\AppData\Roaming\VideoEgg\Loader\4665\npvideoegg-loader.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-18 22:50
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\users\Scott\AppData\Local\Temp\catchme.dll 53248 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3148453353-3273618780-4246070233-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
Completion time: 2009-06-18 22:52
ComboFix-quarantined-files.txt 2009-06-18 21:52
ComboFix2.txt 2009-06-18 21:25

Pre-Run: 268,200,202,240 bytes free
Post-Run: 267,107,250,176 bytes free

2356 --- E O F --- 2009-06-12 15:48

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Malwarebytes' Anti-Malware 1.38
Database version: 2305
Windows 6.0.6002 Service Pack 2

18/06/2009 23:08:08
mbam-log-2009-06-18 (23-08-08).txt

Scan type: Quick Scan
Objects scanned: 92750
Time elapsed: 3 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 34
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 14
Files Infected: 152

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\vnbptxlf.baeq (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DVDConv (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDConv (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.203,85.255.112.77 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{30c52b2a-14a3-4606-b240-ab98a4f283e1}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.203,85.255.112.77 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{30c52b2a-14a3-4606-b240-ab98a4f283e1}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.203,85.255.112.77 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{90af33a6-70b8-4cfb-9f38-e878f6a06510}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.203,85.255.112.77 -> Quarantined and deleted successfully.

Folders Infected:
c:\Users\Scott\AppData\Roaming\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDConv (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\DVDConv (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Files Infected:
C:\Users\Scott\AppData\Roaming\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\Users\Scott\AppData\Roaming\microsoft\Windows\start menu\Programs\DVDConv\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
c:\program files\DVDConv\Uninstall.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?

Hm im having real trouble getting bit defender started, the tick box in settings to make real-time protection and privacy control active are grey'd out and so i cannot restart it.

Try uninstalling it, then re-install it.

Well what can i say... computer is running superb so far!

Thank you so much. Excellent service!