HELP! pc crash after boot with dll error possble virus??

no worries thanks for the help i thought i was going to have to tell him where to go. you guys rock!

 

Thanks Locoeng.

Hey Muage.

Yes, service pack 3 can be installed, but not until we've finished our cleanup. And the java update I mentioned was java 1.6.0.6.

Best Regards

 

hey Cdavfrew I did the superantispyware scan in safe mode and it took a while but at the end it asked to reboot, so i said ok. when the computer rebooted the RUNDLL error did not come up (rebooted normal mode ok?) now when i did another hijackthis scan that regisrty is still there strange does this sound ok?

 

Hey Muage. Post the Superantispyware scan log here, unless it did not detect anything.

Also, fix the registy entry in hijackthis. We'll have to see whether or not it is strange.

Best Regards

 

oh it found stuff alright!


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/19/2008 at 04:01 PM

Application Version : 4.15.1000

Core Rules Database Version : 3485
Trace Rules Database Version: 1476

Scan type : Complete Scan
Total Scan Time : 01:14:26

Memory items scanned : 161
Memory threats detected : 0
Registry items scanned : 6510
Registry threats detected : 3
File items scanned : 25969
File threats detected : 126

Adware.Tracking Cookie
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@serving-sys[2].txt
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@adinterax[2].txt
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@bs.serving-sys[2].txt
.www.clash-media.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.www.clash-media.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.www.clash-media.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.www.clash-media.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.122.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adtech.de [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adultadworld.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adultadworld.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adultadworld.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.adulttraffsale.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.amazonms.122.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.aoluk.122.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.banners.adultfriendfinder.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.banners.adultfriendfinder.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.clickcompare.co.uk [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.clickcompare.co.uk [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.cracker.com.au [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.cracker.com.au [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.cz11.clickzs.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.cz11.clickzs.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.dealtime.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.e-2dj6wckoaic5wcp.stats.esomniture.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.e-2dj6wcl4shd5adp.stats.esomniture.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.e-2dj6whlikpdzodp.stats.esomniture.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.e-2dj6wjloogcpebp.stats.esomniture.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.hotelopia.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.indextools.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.kinxxx.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.kinxxx.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.opodo.122.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.pornbase.org [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.pornbase.org [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.pornhub.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.pornhub.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.porno-shack.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.porno-shack.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.qksrv.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.qksrv.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.roiservice.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.roiservice.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.sexintheuk.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.sexintheuk.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.sexintheuk.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.sexintheuk.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.sexintheuk.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.sexintheuk.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.sexintheuk.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.superstats.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.teenslikeitbig.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.teenslikeitbig.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.teens-photos.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.teens-photos.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.teletext.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.tjx.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.tracking.summitmedia.co.uk [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.trinitymirror.112.2o7.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ufindus.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.ufindus.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.videoegg.adbureau.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.view.atdmt.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
.weborama.fr [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
ads.kinxxx.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
adserver.rawkus.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
adserving.autotrader.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
adverts.propertynews.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
adverts.propertynews.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
adverts2.propertynews.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
audit.median.hu [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
cracker.com.au [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
ffxcam.cracker.com.au [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
pornpro.org [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
uk.sitestat.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
uk.sitestat.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
uk.sitestat.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
uk.sitestat.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
uk.sitestat.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
uk.sitestat.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
www.clickcompare.co.uk [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
www.clickcompare.co.uk [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
www.etracker.de [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt ]

Unclassified.SpywareBot (Not A Threat)
HKU\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\SpywareBot
C:\Program Files\SpywareBot\DataBaseNew.ref
C:\Program Files\SpywareBot\Log\log_2006_07_24_21_13_56.log
C:\Program Files\SpywareBot\Log\log_2006_07_25_10_22_28.log
C:\Program Files\SpywareBot\Log\log_2006_07_25_10_48_09.log
C:\Program Files\SpywareBot\Log\log_2006_07_25_10_50_35.log
C:\Program Files\SpywareBot\Log
C:\Program Files\SpywareBot\Settings\CustomScan.stg
C:\Program Files\SpywareBot\Settings\IgnoreList.stg
C:\Program Files\SpywareBot\Settings\ScanInfo.stg
C:\Program Files\SpywareBot\Settings\ScanResults.stg
C:\Program Files\SpywareBot\Settings\SelectedFolders.stg
C:\Program Files\SpywareBot\Settings\Settings.stg
C:\Program Files\SpywareBot\Settings
C:\Program Files\SpywareBot\SpywareBot.exe
C:\Program Files\SpywareBot

Adware.Zango Toolbar/Hb
HKCR\CLSID\{8109FD3D-D891-4F80-8339-50A4913ACE6F}
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoOI\dynamic
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoOI\static
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoOI
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoOL\dynamic
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoOL\static
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoOL
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\890068.sdf
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\ASPL1.dat
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\hstat\34f1.dat
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\hstat
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\TooltipXML\99795
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\TooltipXML
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\ustat\34f1.dat
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\ustat
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\btntrans1.dat
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\buttondir.txt
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\components.cdf
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\default.cdf
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_511745-514279.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_bidzC_ZT_IE-ca.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_bidzC_ZT_IE-us.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_categorize.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_comparison.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_explorer-Mails.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_explorer-people.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_favorites.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_Games.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_Hide.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_hotbarcom.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_Hotmail.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_hsskin.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_jemster.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_jemsterie.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_jemsteruk.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_jobsearch.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_Mails.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_MobileSidewalk.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_MobileSW-US.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_new.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_premium.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_reun.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_ringtones.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_SearchBoxTrapper.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_searchfor.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_searchgo.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_weather.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Default_yellowpages.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\d_icons_buttons_1000.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\d_icons_buttons_2000.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\d_icons_buttons_3000.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\d_icons_buttons_bar.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\d_icons_buttons_bbar1.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\d_icons_buttons_logos.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\d_icons_buttons_other.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\email-def-511724-548964.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\email-def-511724-9595.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\email-t1-bg.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\icons2.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\keywords.idx
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\keywords1.dat
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\layout.cdf
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\linkpathlegal.txt
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\progress.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\sales_buttons.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\s_icons_buttons.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\t2_bg.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\theweb.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\top7.cdf
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\Top7_theweb.mnu
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\tsd_bg.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1\zango.res
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\1
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\BtnTrans.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\BtnTrans1.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\buttondir.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\default.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\d_icons_buttons_1000.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\d_icons_buttons_2000.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\d_icons_buttons_3000.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\d_icons_buttons_bar.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\d_icons_buttons_bbar1.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\d_icons_buttons_logos.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\d_icons_buttons_other.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\icons2.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\keywords.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\keywords1.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\layout.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\progress.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\sales_buttons.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\samplegroups2reg.txt
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\samplegroups2reg.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\s_icons_buttons.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\t2_bg.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\top7.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\tsd_bg.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad\zango.xip
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static\DownLoad
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar\static
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0\ZangoToolbar
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\v3.0
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar\zbar.log
C:\Documents and Settings\Neil Brown\Application Data\ZangoToolbar

Adware.Vundo Variant/Rel
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#54a58e5f [ rundll32.exe "C:\WINDOWS\system32\itwtxkgv.dll",b ]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{7F5EF55A-E29B-4901-A606-25FE10A89912}\RP254\A0089551.DLL.XXX
C:\WINDOWS\SYSTEM32\EOAYNWSG.DLL.XXX

Rogue.WinAntiVirusPro/SecurityCenter-Fake
C:\SYSTEM VOLUME INFORMATION\_RESTORE{7F5EF55A-E29B-4901-A606-25FE10A89912}\RP254\A0105561.CPL.XXX

 

Hey Muage.

Great! Looks like you're clean! Superantispyware removed all the malware (including more rogue antiviruses) installed by XP Antivirus, and once you've quarantined all these entries in safe mode, and then do another scan (also in safe mode) after a reboot, you'll be officially clean. Also, do a search in Windows for all files with the extension .xxx, and move them to an isolated folder, while taking note of the locations. We do this just in case of an windows error caused by the lack of one of these files.

As for the explaination to why the rundll error is gone despite the existing registry entry, it is because Superantispyware disabled the entry, so all you have to do is remove it in HijackThis.

There are two paths that you can take now. You can either choose to do either one, or do both as well.

One is to clean out all traces of the malware. Traces are settings, files, and registry entries left by malware, and are generally harmless. To do this, download both A-squared Free and Advanced Windowscare. Update both programs. Scan with A-squared, and post a scan log here without removing anything. Scan with Advanced Windowscare (with all items checked), and fix all.

Two is to clean out your parent's computer and to make it as good as new. First, you can update both windows service pack and java. Please note that you can uninstall earlier versions of java once the newest version has been installed. This will free up disk space. Secondly, download CCleaner and ATF Cleaner. Clean out the junk files on your computer with these two tools. Last, defragment the computer either with Windows Defragmenter (which might be pretty slow) or you can use a third party software defragmenter. Free examples of this include Iobit Smart Defrag, Auslogics Disk Defrag, and Defraggler.

The last thing you have to do, no matter which path you choose, is to secure your parent's computer against such infections.

For a good antivirus program, AVG 7 (which is the current one on your parent's computer) is definitely not on my top list. If your parents are willing to pay, Antivir Premium, Nod32, or Kaspersky all make good choices. However, a good free alternative is Antivir Free, which has superb detection compared to any other product. See Av-comparatives.org.

For spyware protection, I believe that you have already been introduced to Superantispyware. Even though the free version does not have real-time protection, it makes a great on-demand scanner. Spybot works great as well, both for immunization and on-demand scanning.

To secure your browser, SpywareBlaster, Advanced Windowscare, and Spybot all have great immunization abilities. However, you can also make your hosts file even better with HP Hosts file and MVPS. Also, Spybot's SDHelper does pretty well.

Firewalls are important too, and Comodo, Zonealarm, and Online Armor all make great free choices. For a less resource hogging program, Filseclab Firewall combined with Windows Firewall is a great setup as well.

Hope you found my advice useful, and congratulations on getting the computer clean. To learn more about such things, you can always join online programs such as Malware Removal and GeeksToGo, both of which have great malware training programs.

Best Regards

 

Dear Loco,

You aint. gonna get rid of me that easily. But since you have banned me. then begone I go. I'm 3 steps ahead when my edmund085 account is banned.
But It doesent mean I will subscribe to this account, Im unscribing it. Just liitle help cannot even offer. But I will have to say goodbye and wait until my other account is unbanned. But thanks, I knew my limitations. BUT YOU CAN"T GET RID OF ME HAT EASILY!. hehehehehe

Best Regards
Edmund085

 

Dear Creaky,

Hmmmm. Not good enough. More Practice. But Even Thou you banned this account(Im sure you gonna banned it.) So I will have to create a new account but Differnt I will change First Name, Last name. So that you Wont know me anymore. I'll just hide. And be someone else. So it means you can't get rid of me that easily. Hahahaha. After this I would not subscribe to this thread becuase you will think that is me. So go and find my new account. Hasta la vista people. hahahhah Not good enough creaky. hehehehhehe. And also why don't you start banning this account. I reccomend it also to delete it or whatever evil thing you can think of!!!!!!!!!!!!! Hahahahahhahahahahhahahahahahhahahahahahhahahahhaha!
YOU WILL NEVER CATCH ME!!!!!!!!!!
YOU CAN NEVER GET RID OF ME!!!!!!!!!!!!!
I AM EVERYWHERE!!!!!!!!!!!!
OR SOMEBODY!!!!!!!!!!!!!!!!


Best Regards,
Edmund085

 

This guy is smoking something! Cdavfrew I am doing the asquared scan at the minute and will post it up very soon, without removal of course.

 

Cdavfrew here is the asquared scan results.

a-squared Free - Version 3.5
Last update: 6/20/2008 3:13:18 PM

Scan settings:

Objects: Memory, Traces, Cookies, C:\, D:\
Scan archives: On
Heuristics: On
ADS Scan: On

Scan start: 6/20/2008 3:14:22 PM

c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf detected: Trace.File.MyWebSearch Toolbar
Key: HKEY_CLASSES_ROOT\interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} detected: Trace.Registry.FunWebProducts
Key: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\software\kazaa detected: Trace.Registry.KaZaA
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} --> Installer detected: Trace.Registry.MyWebSearch Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} --> SystemComponent detected: Trace.Registry.MyWebSearch Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} --> DisplayName detected: Trace.Registry.MyWebSearch Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} --> URL detected: Trace.Registry.MyWebSearch Toolbar
Key: HKEY_CLASSES_ROOT\interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} detected: Trace.Registry.MyWebSearchToobar
Key: HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin detected: Trace.Registry.MyWebSearchToobar
Key: HKEY_CLASSES_ROOT\interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} detected: Trace.Registry.MyWebSearchToolbar
Key: HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin detected: Trace.Registry.MyWebSearchToolbar
c:\documents and settings\neil brown\application data\shareaza detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\collections detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\torrents detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data\library1.dat detected: Trace.File.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data\tigertree.dat detected: Trace.File.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data\uploadqueues.dat detected: Trace.File.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{4956C5F5-D9A8-4CBB-8994-F53CF55CFDF5}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{5E6309F2-9971-4683-9445-F548E81BEC07}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{D427C22F-23FB-4E51-A8B8-70F2036ED3BA}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> CollectionPath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> CompletePath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> IncompletePath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> TorrentPath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Plugins --> {2EE9D739-7726-41cf-8F18-4B1B8763BC63} detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Plugins --> {9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646} detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> FirstRun detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> GUIMode detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> Language detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> RatesInBytes detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> Running detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> VerboseMode detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Skins --> ShareazaOS\ShareazaOS.xml detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\VersionCheck --> NextCheck detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Windows --> CMainWnd.ShowCmd detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Windows --> CRemoteWnd.ShowCmd detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza --> Path detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza --> UserPath detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4956C5F5-D9A8-4CBB-8994-F53CF55CFDF5}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E6309F2-9971-4683-9445-F548E81BEC07}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D427C22F-23FB-4E51-A8B8-70F2036ED3BA}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Mike`s Simple Scopes detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Sonique Wrapper detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> WMP Wrapper detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .avi detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .div detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mp3 detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpeg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\General --> Shareaza Image Viewer detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .avi detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpeg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpeg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .png detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\LibraryBuilder --> .sks detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\MediaPlayer --> Default detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{6434AFDA-BD68-492F-9A46-58E0160BDE6B}\InprocServer32 --> ThreadingModel detected: Trace.Registry.SpywareBot 3.6
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6434AFDA-BD68-492F-9A46-58E0160BDE6B}\InprocServer32 --> ThreadingModel detected: Trace.Registry.SpywareBot 3.6
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:18 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:19 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:462 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:463 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:464 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:477 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:494 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:504 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:505 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:511 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:577 detected: Trace.TrackingCookie
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\cookies.txt:581 detected: Trace.TrackingCookie

Scanned

Files: 258158
Traces: 409204
Cookies: 641
Processes: 64

Found

Files: 0
Traces: 79
Cookies: 12
Processes: 0
Registry keys: 0

Scan end: 6/20/2008 4:52:51 PM
Scan time: 1:38:29

 

Hey Muage.

If you use Shareaza, which is a p2p client, and also a hotbed for malware, ignore these entries. If you don't, quarantine them.

c:\documents and settings\neil brown\application data\shareaza detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\collections detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\torrents detected: Trace.Directory.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data\library1.dat detected: Trace.File.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data\tigertree.dat detected: Trace.File.Shareaza Lite
c:\documents and settings\neil brown\application data\shareaza\data\uploadqueues.dat detected: Trace.File.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{4956C5F5-D9A8-4CBB-8994-F53CF55CFDF5}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{5E6309F2-9971-4683-9445-F548E81BEC07}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{D427C22F-23FB-4E51-A8B8-70F2036ED3BA}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> CollectionPath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> CompletePath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> IncompletePath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Downloads --> TorrentPath detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Plugins --> {2EE9D739-7726-41cf-8F18-4B1B8763BC63} detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Plugins --> {9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646} detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> FirstRun detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> GUIMode detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> Language detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> RatesInBytes detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> Running detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Settings --> VerboseMode detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Skins --> ShareazaOS\ShareazaOS.xml detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\VersionCheck --> NextCheck detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Windows --> CMainWnd.ShowCmd detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza\Windows --> CRemoteWnd.ShowCmd detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza --> Path detected: Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-2856535632-2678433624-3151318732-1006\Software\Shareaza\Shareaza --> UserPath detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4956C5F5-D9A8-4CBB-8994-F53CF55CFDF5}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E6309F2-9971-4683-9445-F548E81BEC07}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D427C22F-23FB-4E51-A8B8-70F2036ED3BA}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Mike`s Simple Scopes detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Sonique Wrapper detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> WMP Wrapper detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .avi detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .div detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mp3 detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpeg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\General --> Shareaza Image Viewer detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .avi detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpeg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpeg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpg detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .png detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\LibraryBuilder --> .sks detected: Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\MediaPlayer --> Default detected: Trace.Registry.Shareaza Lite

Except for these entries, all the rest have to be quarantined, no exception.

How about the rest of the scans I told you to do?

Best Regards

 

Here is the cc scan. advanced windowscare found stuff but i fied them all and did not give report that was all the other scans you asked for right? ran ATF also and it cleaned stuff out but what i dont know. i'll get rid of that shareaza my brother uses it so i'll tell him not to do that anymore.


CLEANING COMPLETE - (11.695 secs)
------------------------------------------------------------------------------------------
100.4MB removed.
------------------------------------------------------------------------------------------

Details of files deleted
------------------------------------------------------------------------------------------
IE Temporary Internet Files (23 files) 0.21MB
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@www.superantispyware[2].txt 120 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@connextra[1].txt 102 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@yahoo[2].txt 164 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@forums.afterdawn[1].txt 306 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@connextra[2].txt 308 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@adz.afterdawn[1].txt 110 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@quantserve[2].txt 201 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@search.yahoo[1].txt 110 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@update.microsoft[2].txt 146 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@afterdawn[1].txt 754 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@microsoft[2].txt 236 bytes
C:\Documents and Settings\Neil Brown\Cookies\neil_brown@google[1].txt 131 bytes
C:\Documents and Settings\Neil Brown\Local Settings\History\History.IE5\MSHist012008062020080621\index.dat 32.00KB
Marked for deletion: C:\Documents and Settings\Neil Brown\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Marked for deletion: C:\Documents and Settings\Neil Brown\Cookies\index.dat
Marked for deletion: C:\Documents and Settings\Neil Brown\Local Settings\History\History.IE5\desktop.ini
Marked for deletion: C:\Documents and Settings\Neil Brown\Local Settings\History\History.IE5\index.dat
C:\WINDOWS\MiniDump\Mini031606-01.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-01.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-02.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-03.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-04.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-05.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-06.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-07.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-08.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-09.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-10.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-11.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-12.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-13.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-14.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-15.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-16.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-17.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-18.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-19.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-20.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-21.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-22.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-23.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-24.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-25.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-26.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-27.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-28.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-29.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-30.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-31.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-32.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-33.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-34.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-35.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-36.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-37.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-38.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-39.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-40.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-41.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-42.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-43.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-44.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-45.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-46.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-47.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-48.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060208-49.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060708-01.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060708-02.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060708-03.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini060708-04.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061208-01.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061208-02.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061508-01.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061508-02.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061508-03.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-01.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-02.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-03.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-04.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-05.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-06.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-07.dmp 88.00KB
C:\WINDOWS\MiniDump\Mini061708-08.dmp 88.00KB
C:\WINDOWS\system32\wbem\Logs\FrameWork.log 31.55KB
C:\WINDOWS\system32\wbem\Logs\mofcomp.log 11.56KB
C:\WINDOWS\system32\wbem\Logs\replog.log 550 bytes
C:\WINDOWS\system32\wbem\Logs\setup.log 5.18KB
C:\WINDOWS\system32\wbem\Logs\wbemcore.log 14.18KB
C:\WINDOWS\system32\wbem\Logs\wbemess.log 21.10KB
C:\WINDOWS\system32\wbem\Logs\wbemprox.log 36.95KB
C:\WINDOWS\system32\wbem\Logs\WinMgmt.log 385 bytes
C:\WINDOWS\system32\wbem\Logs\wmiadap.log 2.76KB
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 55.21KB
C:\WINDOWS\system32\wbem\Logs\wbemess.lo_ 64.06KB
C:\WINDOWS\0.log 0 bytes
C:\WINDOWS\chipset.log 632 bytes
C:\WINDOWS\cmsetacl.log 373 bytes
C:\WINDOWS\comsetup.log 0.37MB
C:\WINDOWS\DirectX.log 994 bytes
C:\WINDOWS\DPINST.LOG 1.34MB
C:\WINDOWS\DtcInstall.log 867 bytes
C:\WINDOWS\EventSystem.log 1.18KB
C:\WINDOWS\FaxSetup.log 1.11MB
C:\WINDOWS\IDNMitigationAPIs.log 8.56KB
C:\WINDOWS\ie7.log 44.05KB
C:\WINDOWS\ie7_main.log 22.92KB
C:\WINDOWS\iis6.log 0.18MB
C:\WINDOWS\imsins.log 1.34KB
C:\WINDOWS\KB307154.log 3.81KB
C:\WINDOWS\KB835221.log 4.54KB
C:\WINDOWS\KB873333.log 7.09KB
C:\WINDOWS\KB873339.log 4.55KB
C:\WINDOWS\KB883939.log 10.53KB
C:\WINDOWS\KB884018.log 2.92KB
C:\WINDOWS\KB884575.log 3.80KB
C:\WINDOWS\KB885250.log 4.68KB
C:\WINDOWS\KB885835.log 5.54KB
C:\WINDOWS\KB885836.log 4.43KB
C:\WINDOWS\KB886185.log 5.49KB
C:\WINDOWS\KB887472.log 5.05KB
C:\WINDOWS\KB887742.log 4.65KB
C:\WINDOWS\KB888113.log 4.51KB
C:\WINDOWS\KB888239.log 3.76KB
C:\WINDOWS\KB888302.log 5.01KB
C:\WINDOWS\KB890046.log 6.22KB
C:\WINDOWS\KB890859.log 9.00KB
C:\WINDOWS\KB891781.log 4.52KB
C:\WINDOWS\KB892130.log 8.19KB
C:\WINDOWS\KB893056.log 4.39KB
C:\WINDOWS\KB893066.log 5.76KB
C:\WINDOWS\KB893086.log 6.19KB
C:\WINDOWS\KB893756.log 42.23KB
C:\WINDOWS\KB893803v2.log 5.64KB
C:\WINDOWS\KB894391.log 8.12KB
C:\WINDOWS\KB896358.log 5.95KB
C:\WINDOWS\KB896422.log 5.75KB
C:\WINDOWS\KB896423.log 41.52KB
C:\WINDOWS\KB896424.log 52.17KB
C:\WINDOWS\KB896428.log 5.38KB
C:\WINDOWS\KB898458.log 3.73KB
C:\WINDOWS\KB898461.log 15.81KB
C:\WINDOWS\KB899587.log 43.71KB
C:\WINDOWS\KB899588.log 6.63KB
C:\WINDOWS\KB899591.log 42.30KB
C:\WINDOWS\KB900485.log 15.14KB
C:\WINDOWS\KB900725.log 38.96KB
C:\WINDOWS\KB901017.log 47.93KB
C:\WINDOWS\KB901214.log 29.48KB
C:\WINDOWS\KB902400.log 46.08KB
C:\WINDOWS\KB904706.log 36.99KB
C:\WINDOWS\KB904942.log 11.53KB
C:\WINDOWS\KB905414.log 37.12KB
C:\WINDOWS\KB905749.log 33.55KB
C:\WINDOWS\KB905915.log 59.81KB
C:\WINDOWS\KB908519.log 39.88KB
C:\WINDOWS\KB908531.log 15.81KB
C:\WINDOWS\KB910437.log 41.19KB
C:\WINDOWS\KB911280.log 16.30KB
C:\WINDOWS\KB911562.log 15.08KB
C:\WINDOWS\KB911564.log 47.71KB
C:\WINDOWS\KB911565.log 46.49KB
C:\WINDOWS\KB911567.log 10.43KB
C:\WINDOWS\KB911927.log 58.05KB
C:\WINDOWS\KB912812.log 16.80KB
C:\WINDOWS\KB912919.log 42.38KB
C:\WINDOWS\KB913446.log 32.68KB
C:\WINDOWS\KB913580.log 11.75KB
C:\WINDOWS\KB914388.log 15.72KB
C:\WINDOWS\KB914389.log 11.62KB
C:\WINDOWS\KB914440.log 4.65KB
C:\WINDOWS\KB915865.log 6.25KB
C:\WINDOWS\KB916281.log 23.92KB
C:\WINDOWS\KB916595.log 14.03KB
C:\WINDOWS\KB917159.log 15.81KB
C:\WINDOWS\KB917344.log 14.62KB
C:\WINDOWS\KB917422.log 12.29KB
C:\WINDOWS\KB917734.log 12.11KB
C:\WINDOWS\KB917953.log 14.39KB
C:\WINDOWS\KB918118.log 13.38KB
C:\WINDOWS\KB918439.log 14.25KB
C:\WINDOWS\KB918899.log 32.78KB
C:\WINDOWS\KB919007.log 15.48KB
C:\WINDOWS\KB920213.log 16.71KB
C:\WINDOWS\KB920214.log 16.21KB
C:\WINDOWS\KB920670.log 12.13KB
C:\WINDOWS\KB920683.log 12.52KB
C:\WINDOWS\KB920685.log 17.13KB
C:\WINDOWS\KB920872.log 17.12KB
C:\WINDOWS\KB921398.log 16.15KB
C:\WINDOWS\KB921503.log 17.38KB
C:\WINDOWS\KB921883.log 16.02KB
C:\WINDOWS\KB922582.log 10.22KB
C:\WINDOWS\KB922616.log 15.77KB
C:\WINDOWS\KB922819.log 18.07KB
C:\WINDOWS\KB923191.log 12.79KB
C:\WINDOWS\KB923414.log 17.27KB
C:\WINDOWS\KB923689.log 14.48KB
C:\WINDOWS\KB923694.log 12.98KB
C:\WINDOWS\KB923723.log 12.95KB
C:\WINDOWS\KB923980.log 17.48KB
C:\WINDOWS\KB924191.log 18.26KB
C:\WINDOWS\KB924270.log 17.49KB
C:\WINDOWS\KB924496.log 18.98KB
C:\WINDOWS\KB924667.log 18.50KB
C:\WINDOWS\KB925398.log 14.96KB
C:\WINDOWS\KB925454.log 39.75KB
C:\WINDOWS\KB925486.log 13.61KB
C:\WINDOWS\KB925902.log 18.38KB
C:\WINDOWS\KB926255.log 13.82KB
C:\WINDOWS\KB926436.log 19.74KB
C:\WINDOWS\KB927779.log 24.89KB
C:\WINDOWS\KB927802.log 22.05KB
C:\WINDOWS\KB927891.log 7.92KB
C:\WINDOWS\KB928090-IE7.log 14.10KB
C:\WINDOWS\KB928255.log 21.71KB
C:\WINDOWS\KB928843.log 12.38KB
C:\WINDOWS\KB929123.log 19.53KB
C:\WINDOWS\KB929338.log 13.34KB
C:\WINDOWS\KB929969.log 6.88KB
C:\WINDOWS\KB930178.log 13.49KB
C:\WINDOWS\KB930916.log 11.58KB
C:\WINDOWS\KB931261.log 13.92KB
C:\WINDOWS\KB931768-IE7.log 18.07KB
C:\WINDOWS\KB931784.log 15.56KB
C:\WINDOWS\KB931836.log 30.02KB
C:\WINDOWS\KB932168.log 16.26KB
C:\WINDOWS\KB932823-v3.log 12.49KB
C:\WINDOWS\KB933360.log 22.32KB
C:\WINDOWS\KB933566-IE7.log 23.02KB
C:\WINDOWS\KB933729.log 12.52KB
C:\WINDOWS\KB935448.log 9.15KB
C:\WINDOWS\KB935839.log 17.72KB
C:\WINDOWS\KB935840.log 18.06KB
C:\WINDOWS\KB936021.log 18.02KB
C:\WINDOWS\KB936357.log 12.58KB
C:\WINDOWS\KB936782.log 7.82KB
C:\WINDOWS\KB937143-IE7.log 22.10KB
C:\WINDOWS\KB938127-IE7.log 12.35KB
C:\WINDOWS\KB938828.log 17.23KB
C:\WINDOWS\KB938829.log 17.18KB
C:\WINDOWS\KB939653-IE7.log 22.65KB
C:\WINDOWS\KB941202.log 11.11KB
C:\WINDOWS\KB941568.log 12.29KB
C:\WINDOWS\KB941569.log 16.22KB
C:\WINDOWS\KB941644.log 11.95KB
C:\WINDOWS\KB941693.log 18.98KB
C:\WINDOWS\KB942615-IE7.log 23.84KB
C:\WINDOWS\KB942763.log 30.32KB
C:\WINDOWS\KB943055.log 12.28KB
C:\WINDOWS\KB943460.log 7.95KB
C:\WINDOWS\KB943485.log 12.19KB
C:\WINDOWS\KB944533-IE7.log 23.49KB
C:\WINDOWS\KB944653.log 12.07KB
C:\WINDOWS\KB945553.log 13.19KB
C:\WINDOWS\KB946026.log 17.70KB
C:\WINDOWS\KB947864-IE7.log 19.37KB
C:\WINDOWS\KB948590.log 13.16KB
C:\WINDOWS\KB948881.log 13.95KB
C:\WINDOWS\KB950749.log 17.56KB
C:\WINDOWS\KB950759-IE7.log 17.71KB
C:\WINDOWS\KB950760.log 6.77KB
C:\WINDOWS\KB950762.log 0.20MB
C:\WINDOWS\KB951376-v2.log 9.35KB
C:\WINDOWS\KB951376.log 0.20MB
C:\WINDOWS\KB951698.log 0.21MB
C:\WINDOWS\msgsocm.log 57.38KB
C:\WINDOWS\msxml4-KB936181-enu.LOG 0.27MB
C:\WINDOWS\NLSDownlevelMapping.log 8.25KB
C:\WINDOWS\nsw.log 347 bytes
C:\WINDOWS\ntdtcsetup.log 0.22MB
C:\WINDOWS\ocgen.log 0.54MB
C:\WINDOWS\ocmsn.log 62.00KB
C:\WINDOWS\regopt.log 3.28KB
C:\WINDOWS\sessmgr.setup.log 3.51KB
C:\WINDOWS\setupact.log 0.20MB
C:\WINDOWS\setupapi.log 0.20MB
C:\WINDOWS\setuperr.log 0 bytes
C:\WINDOWS\SetupWLD.log 0.15MB
C:\WINDOWS\spupdsvc.log 42.63KB
C:\WINDOWS\spupdsvc.log.1.log 187 bytes
C:\WINDOWS\svcpack.log 0.48MB
C:\WINDOWS\tsoc.log 0.43MB
C:\WINDOWS\updspapi.log 0.21MB
C:\WINDOWS\WGA.log 14.27KB
C:\WINDOWS\WgaNotify.log 28.70KB
C:\WINDOWS\wmsetup.log 78.36KB
C:\WINDOWS\wmsetup10.log 1.66KB
C:\WINDOWS\xpsp1hfm.log 1,016 bytes
C:\WINDOWS\Active Setup Log.BAK 4.13KB
C:\WINDOWS\imsins.BAK 2.61KB
C:\WINDOWS\Active Setup Log.txt 6.34KB
C:\WINDOWS\ntbtlog.txt 1.25MB
C:\WINDOWS\OEWABLog.txt 1.82KB
C:\WINDOWS\setuplog.txt 0.86MB
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log 0.85MB
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp 4.25KB
C:\WINDOWS\Debug\blastcln.log 573 bytes
C:\WINDOWS\Debug\mrt.log 26.29KB
C:\WINDOWS\Debug\mrteng.log 7.93KB
C:\WINDOWS\Debug\NetSetup.LOG 6.86KB
C:\WINDOWS\security\logs\backup.log 2.86KB
C:\WINDOWS\security\logs\SceRoot.log 564 bytes
C:\WINDOWS\security\logs\scesetup.log 0.12MB
C:\WINDOWS\security\logs\update.log 7.29KB
C:\WINDOWS\security\logs\scecomp.old 1.84KB
Removed Cookie: co.uk
Removed Cookie: afterdawn.com
Removed Cookie: google.co.uk
Removed Cookie: google.com
Removed Cookie: pagead2.googlesyndication.com
Removed Cookie: adz.afterdawn.net
Removed Cookie: intellitxt.com
Removed Cookie: quantserve.com
Removed Cookie: forums.afterdawn.com
Removed Cookie: yahoo.com
Removed Cookie: aus2.mozilla.org
Removed Cookie: addons.mozilla.org
Removed Cookie: login.afterdawn.com
Removed Cookie: yimg.com
Removed Cookie: mozilla.com
Removed Cookie: toolbar.google.com
Removed Cookie: www.bleepingcomputer.com
Removed Cookie: ads.bleepingcomputer.com
Removed Cookie: hijackthis.de
Removed Cookie: tools.google.com
Removed Cookie: microsoft.com
Removed Cookie: www.ukprizedraw.co.uk
Removed Cookie: 82.98.235.216
Removed Cookie: adtrgt.com
Removed Cookie: 4ni.co.uk
Removed Cookie: a.shop.com
Removed Cookie: acptr.autotrader.co.uk
Removed Cookie: acptr.teletextholidays.co.uk
Removed Cookie: ad.uk.tangozebra.com
Removed Cookie: ads.aol.co.uk
Removed Cookie: aetools.co.uk
Removed Cookie: allapprovedcars.com
Removed Cookie: amazon.co.uk
Removed Cookie: amazon.com
Removed Cookie: andalucia.com
Removed Cookie: andaluciandreamhomes.com
Removed Cookie: anm.co.uk
Removed Cookie: answers.yahoo.com
Removed Cookie: aol.co.uk
Removed Cookie: argos.co.uk
Removed Cookie: argos.standalonebook.com
Removed Cookie: ask.com
Removed Cookie: atlasinternational.com
Removed Cookie: australia.com
Removed Cookie: autotrader.co.uk
Removed Cookie: autotrader.com
Removed Cookie: bbc.co.uk
Removed Cookie: bebo.com
Removed Cookie: booking.com
Removed Cookie: brazzersnetwork.com
Removed Cookie: buzzfeed.com
Removed Cookie: calabriaproperties.co.uk
Removed Cookie: cams.com
Removed Cookie: carphonewarehouse.com
Removed Cookie: checkout.google.com
Removed Cookie: com.com
Removed Cookie: connextra.com
Removed Cookie: contactmusic.com
Removed Cookie: corrieblog.tv
Removed Cookie: covonia.co.uk
Removed Cookie: cromwell.co.uk
Removed Cookie: crwdcntrl.net
Removed Cookie: ctshirts.co.uk
Removed Cookie: directline-holidays.co.uk
Removed Cookie: dirtylittlewhore.com
Removed Cookie: diydata.com
Removed Cookie: drugs.com
Removed Cookie: easyjet.touchclarity.com
Removed Cookie: ebay.co.uk
Removed Cookie: ebay.com
Removed Cookie: ebayobjects.com
Removed Cookie: ebayrtm.com
Removed Cookie: educationbase.co.uk
Removed Cookie: ehg.buyerzone.com
Removed Cookie: esearchvision.com
Removed Cookie: etology.com
Removed Cookie: expedia.co.uk
Removed Cookie: expedia.com
Removed Cookie: extradump.com
Removed Cookie: fling.com
Removed Cookie: fotolog.com
Removed Cookie: foxtons.co.uk
Removed Cookie: freeads.net
Removed Cookie: friendsreunited.co.uk
Removed Cookie: gamespot.com
Removed Cookie: genesreunited.co.uk
Removed Cookie: go2spain.co.uk
Removed Cookie: greatneighbours.com
Removed Cookie: gumbet.org.uk
Removed Cookie: hiq.fotolog.com
Removed Cookie: holidaycitysuperstore.com
Removed Cookie: holidayholiday.co.uk
Removed Cookie: holidayholidayholiday.co.uk
Removed Cookie: holidayhypermarket.co.uk
Removed Cookie: holidaytruths.co.uk
Removed Cookie: holidaywatchdog.com
Removed Cookie: hotels.hu
Removed Cookie: humoron.com
Removed Cookie: info.realestate.com.au
Removed Cookie: intelli-direct.com
Removed Cookie: italianventure.co.uk
Removed Cookie: italymag.co.uk
Removed Cookie: itv.com
Removed Cookie: jet2.com
Removed Cookie: justanswer.com
Removed Cookie: kelkoo.co.uk
Removed Cookie: lighthouse-spain.com
Removed Cookie: linkconnector.com
Removed Cookie: live.com
Removed Cookie: london.adzooks.co.uk
Removed Cookie: lowcostbeds.com
Removed Cookie: made-in-china.com
Removed Cookie: maplin.co.uk
Removed Cookie: matalan.co.uk
Removed Cookie: medical.justanswer.com
Removed Cookie: microdirect.co.uk
Removed Cookie: migrationabroad.com
Removed Cookie: migrationexpert.com
Removed Cookie: mirror.co.uk
Removed Cookie: morpheusinvestments.com
Removed Cookie: msn.com
Removed Cookie: multimap.com
Removed Cookie: my.rawkus.com
Removed Cookie: nationet.com
Removed Cookie: ngd.thesun.co.uk
Removed Cookie: nintendo-at-tesco.co.uk
Removed Cookie: o.webmd.com
Removed Cookie: olaholidays.com
Removed Cookie: omegaworldwide.com
Removed Cookie: orange.co.uk
Removed Cookie: otbeach.com
Removed Cookie: ownerdirect.com
Removed Cookie: pichunter.com
Removed Cookie: planetpvc.co.uk
Removed Cookie: platinumpropertiesspain.com
Removed Cookie: propertynews.com
Removed Cookie: psoriasisheadlines.com
Removed Cookie: ratemyteachers.co.uk
Removed Cookie: rawkus.com
Removed Cookie: realestate.com.au
Removed Cookie: realestateview.com.au
Removed Cookie: realitykings.com
Removed Cookie: recaptcha.net
Removed Cookie: reddit.com
Removed Cookie: rightmove.co.uk
Removed Cookie: s2d6.com
Removed Cookie: sam.itv.com
Removed Cookie: search123.uk.com
Removed Cookie: secure.thorite.co.uk
Removed Cookie: setanta.com
Removed Cookie: setantasports.com
Removed Cookie: shaggit.org
Removed Cookie: shop-com.co.uk
Removed Cookie: shopping.com
Removed Cookie: shopping.yahoo.co.uk
Removed Cookie: slide.com
Removed Cookie: smilelocal.com
Removed Cookie: southaustralia.com
Removed Cookie: spanishalgarveproperties.com
Removed Cookie: spanishfarmhouses.info
Removed Cookie: startaid.com
Removed Cookie: talktalk.co.uk
Removed Cookie: taylorwoodrow.es
Removed Cookie: telegraph.sophus3.com
Removed Cookie: teracent.net
Removed Cookie: tesco.com
Removed Cookie: thomascook.com
Removed Cookie: thomson.co.uk
Removed Cookie: ticketmaster.co.uk
Removed Cookie: tkmaxx.com
Removed Cookie: totallymoney.com
Removed Cookie: tour.brazzers.com
Removed Cookie: travelbag.co.uk
Removed Cookie: travel-library.com
Removed Cookie: travelrepublic.co.uk
Removed Cookie: travelsearch.yahoo.co.uk
Removed Cookie: trinity.sophus3.com
Removed Cookie: tripadvisor.co.uk
Removed Cookie: tripadvisor.com
Removed Cookie: tsw0.com
Removed Cookie: uk.ebayrtm.com
Removed Cookie: uk.eurosport.yahoo.com
Removed Cookie: uk.f230.mail.yahoo.com
Removed Cookie: uk.f270.mail.yahoo.com
Removed Cookie: uk.f271.mail.yahoo.com
Removed Cookie: uk.freeads.net
Removed Cookie: uk.gamespot.com
Removed Cookie: uk.match.yahoo.net
Removed Cookie: uk.mc271.mail.yahoo.com
Removed Cookie: uk.yahoo.com
Removed Cookie: uktools.com
Removed Cookie: videodome.com
Removed Cookie: villaparade.co.uk
Removed Cookie: virginholidayscruises.com
Removed Cookie: virtualworlddirect.com
Removed Cookie: webmd.com
Removed Cookie: windowquotes.org
Removed Cookie: windowsmarketplace.com
Removed Cookie: worldcasinodirectory.com
Removed Cookie: wunderloop.net
Removed Cookie: www.bebo.com
Removed Cookie: www.contactmusic.com
Removed Cookie: www.itv.com
Removed Cookie: www.marksandspencer.com
Removed Cookie: www.microdirect.co.uk
Removed Cookie: www.microsoft.com
Removed Cookie: www.mirror.co.uk
Removed Cookie: www.realestate.com.au
Removed Cookie: www.shop-com.co.uk
Removed Cookie: yahoo.co.uk
Removed Cookie: yobt.com
Removed Cookie: yourkeytospain.co.uk
Removed Cookie: youtube.com
Removed Cookie: ad2.doublepimp.com
Removed Cookie: ads.adengage.com
Removed Cookie: ads.contactmusic.com
Removed Cookie: ads.expedia.com
Removed Cookie: ads.telegraph.co.uk
Removed Cookie: as.webmd.com
Removed Cookie: bcm.itv.com
Removed Cookie: beta.adyea.com
Removed Cookie: covonia.affinoworld.com
Removed Cookie: ct9.ctshirts.co.uk
Removed Cookie: download.mozilla.org
Removed Cookie: ecustomeropinions.com
Removed Cookie: extras.expedia.com
Removed Cookie: holiday-exchange.com
Removed Cookie: m.webtrends.com
Removed Cookie: mail.easyjet.com
Removed Cookie: mailing.tesco.com
Removed Cookie: metrixlab61.customers.luna.net
Removed Cookie: metrixlablw.customers.luna.net
Removed Cookie: olb2.nationet.com
Removed Cookie: promo.moviemonster.com
Removed Cookie: property.cambridge-news.co.uk
Removed Cookie: report.legalandgeneral.com
Removed Cookie: reporting.kwik-fitinsurance.com
Removed Cookie: reservations.jet2.com
Removed Cookie: sd.play.com
Removed Cookie: sdc.windowsmarketplace.com
Removed Cookie: search.autotrader.co.uk
Removed Cookie: search.next.co.uk
Removed Cookie: search.nhsdirect.nhs.uk
Removed Cookie: secure.friendsreunited.co.uk
Removed Cookie: server1.screwfix.com
Removed Cookie: sptc.information.com
Removed Cookie: static.zangocash.com
Removed Cookie: travel.ciao.co.uk
Removed Cookie: unisonsdc.commtech.ie
Removed Cookie: w23.littlewoodsdirect.com
Removed Cookie: webtrends.telegraph.co.uk
Removed Cookie: whip.adlash.com
Removed Cookie: www.andaluciandreamhomes.com
Removed Cookie: www.anglianhome.co.uk
Removed Cookie: www.atlasinternational.com
Removed Cookie: www.autotrader.co.uk
Removed Cookie: www.bebobox.com
Removed Cookie: www.carphonewarehouse.com
Removed Cookie: www.covonia.co.uk
Removed Cookie: www.currys.co.uk
Removed Cookie: www.directline-holidays.co.uk
Removed Cookie: www.easyjethotels.net
Removed Cookie: www.expedia.co.uk
Removed Cookie: www.firstchoice.co.uk
Removed Cookie: www.friendsreunited.co.uk
Removed Cookie: www.gardahomes.co.uk
Removed Cookie: www.genesreunited.co.uk
Removed Cookie: www.holidayhypermarket.co.uk
Removed Cookie: www.homebase.co.uk
Removed Cookie: www.homesandproperty.co.uk
Removed Cookie: www.italymag.co.uk
Removed Cookie: www.itv-football.co.uk
Removed Cookie: www.jet2.com
Removed Cookie: www.kellysquotes.co.uk
Removed Cookie: www.ladderstore.com
Removed Cookie: www.littlewoodsdirect.com
Removed Cookie: www.manutd.com
Removed Cookie: www.maturesinvids.com
Removed Cookie: www.medicinenet.com
Removed Cookie: www.medterms.com
Removed Cookie: www.morpheusinvestments.com
Removed Cookie: www.ncdstudio.co.uk
Removed Cookie: www.nhsdirect.nhs.uk
Removed Cookie: www.ownerdirect.com
Removed Cookie: www.play.com
Removed Cookie: www.propertynews.com
Removed Cookie: www.realestateview.com.au
Removed Cookie: www.revresda.com
Removed Cookie: www.screwfix.com
Removed Cookie: www.streamate.com
Removed Cookie: www.telegraph.co.uk
Removed Cookie: www.thesun.co.uk
Removed Cookie: www.thomson.co.uk
Removed Cookie: www.toolbarn.com
Removed Cookie: www.trailerwmv.com
Removed Cookie: www.travelbag.co.uk
Removed Cookie: www.travelrepublic.co.uk
Removed Cookie: www.tripadvisor.co.uk
Removed Cookie: www.tripadvisor.com
Removed Cookie: www.usfreeads.com
Removed Cookie: www.villaparade.co.uk
Removed Cookie: www.virtualworlddirect.com
Removed Cookie: www.windowsmarketplace.com
Removed Cookie: www.worldcasinodirectory.com
Removed Cookie: www.yardstore.com
Removed Cookie: www.yellowmoon.org.uk
Removed Cookie: www.yourkeytospain.co.uk
Removed Cookie: www1.member-hsbc-group.com
Removed Cookie: www7.marksandspencer.com
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\downloads.rdf 9.07KB
Firefox/Mozilla Temporary Internet Cache (63 files) 65.4MB
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\history.dat 0.13MB
C:\Documents and Settings\Neil Brown\Application Data\Microsoft\Office\Recent\Desktop.LNK 315 bytes
C:\Documents and Settings\Neil Brown\Application Data\Microsoft\Office\Recent\index.dat 65 bytes
C:\Documents and Settings\Neil Brown\Application Data\Microsoft\Office\Recent\scrabo Road.LNK 445 bytes
C:\Documents and Settings\Neil Brown\Application Data\Microsoft\Office\Recent\virus.LNK 411 bytes
C:\Documents and Settings\Neil Brown\Application Data\Mozilla\Firefox\Profiles\jc8j9bli.default\GoogleToolbarData\searchhistory.xml 1.91KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\100yrs.JPG-3b7837d7-479165be.idx 292 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\100yrs.JPG-3b7837d7-479165be.JPG 7.05KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\192night-1.JPG-3881dc60-7c7a31c4.idx 296 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\192night-1.JPG-3881dc60-7c7a31c4.JPG 7.21KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ATAhandsetEbay.jpg-79cab5dc-6f437b91.idx 269 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ATAhandsetEbay.jpg-79cab5dc-6f437b91.jpg 5.49KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\capsanblas.jpg-1142f0d8-2abe233d.idx 296 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\capsanblas.jpg-1142f0d8-2abe233d.jpg 4.71KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\CInfo.class-718bba08-19ef74f0.class 4.25KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\CInfo.class-718bba08-19ef74f0.idx 265 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dining.JPG-3bff25a7-6fa9d4f7.idx 292 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dining.JPG-3bff25a7-6fa9d4f7.JPG 6.74KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-1.JPG-52c3862-211ee2cb.idx 291 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-1.JPG-52c3862-211ee2cb.JPG 8.23KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-10.JPG-7250782c-488ac96f.idx 293 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-10.JPG-7250782c-488ac96f.JPG 10.18KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-12.JPG-726ca72e-519dcdc7.idx 292 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-12.JPG-726ca72e-519dcdc7.JPG 9.10KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-2.JPG-53a4fe3-66005926.idx 291 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\dis-2.JPG-53a4fe3-66005926.JPG 9.58KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphover.class-1d11c5a9-3860522f.class 9.11KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphover.class-1d11c5a9-3860522f.idx 265 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphoverx.class-221df5bb-7a76dc80.class 1.44KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphoverx.class-221df5bb-7a76dc80.idx 266 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\h2258154a.jpg-e7d1967-70682608.idx 262 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\h2258154a.jpg-e7d1967-70682608.jpg 102.28KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\InspectorApplet.class-dfc2dfb-597b376b.class 3.00KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\InspectorApplet.class-dfc2dfb-597b376b.idx 277 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\living_room.jpg-1d26189f-4974a454.idx 314 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\living_room.jpg-1d26189f-4974a454.jpg 54.58KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\nightpool-2.JPG-20571e49-62a2f07b.idx 297 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\nightpool-2.JPG-20571e49-62a2f07b.JPG 5.43KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\pool.JPG-70f4094a-673aae5a.idx 290 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\pool.JPG-70f4094a-673aae5a.JPG 7.89KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\pool.jpg-7c4968cc-4239a0f1.idx 307 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\pool.jpg-7c4968cc-4239a0f1.jpg 51.20KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\pool3.JPG-7fad0ac7-4f82ca9a.idx 291 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\pool3.JPG-7fad0ac7-4f82ca9a.JPG 7.64KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\RegKeyException.class-4f108955-4a7fd166.class 284 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\RegKeyException.class-4f108955-4a7fd166.idx 286 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\reiwa.gif-34643ac1-4f4cbfb2.gif 2.66KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\reiwa.gif-34643ac1-4f4cbfb2.idx 262 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\securalift_garage2.jpg-73173d6c-557f953a.idx 273 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\securalift_garage2.jpg-73173d6c-557f953a.jpg 4.20KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\AnFade.jar-47bdd1b1-64dbd28f.idx 256 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\AnFade.jar-47bdd1b1-64dbd28f.zip 19.76KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\holomatix.jar-783c0ab8-6e77ec8f.idx 113 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\holomatix.jar-783c0ab8-6e77ec8f.zip 0.30MB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\OP.jar-4b9c0e39-1431a119.idx 5.86KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\OP.jar-4b9c0e39-1431a119.zip 15.03KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\panoapplet.jar-274c3476-6665f608.idx 1.57KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\panoapplet.jar-274c3476-6665f608.zip 88.45KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ptviewer.jar-d2c6acb-7befebd0.idx 162 bytes
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ptviewer.jar-d2c6acb-7befebd0.zip 87.69KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\vivid_jni_sun.jpeg-6b2410d3-1bd687ca.idx 5.78KB
C:\Documents and Settings\Neil Brown\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\vivid_jni_sun.jpeg-6b2410d3-1bd687ca.zip 57.81KB
C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref.old 1.30MB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-04-22 16-09-56.txt 0.11MB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-05-18 15-45-09.txt 44.94KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-05-18 15-50-36.txt 42.71KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-05-25 13-44-07.txt 35.23KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-06-05 09-05-03.txt 42.72KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-06-07 21-15-35.txt 34.66KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-06-10 17-58-53.txt 41.50KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-06-22 20-50-19.txt 44.55KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-01 11-23-00.txt 33.38KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-23 18-44-43.txt 36.70KB
C:\Documents and Settings\Neil Brown\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2008-05-31 17-42-34.txt 38.37KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\Avg7.log 0.27MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log1.log 0.49MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log2.log 0.49MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log3.log 0.49MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log4.log 0.49MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\history.log 90.01KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\avg7info.id 74 bytes
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\avginfo.ctf 4.58KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\download.nfo 1.88KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1297u1293jk.bin 97.60KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1298u1293k4.bin 0.11MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1299u1293u0.bin 0.12MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1301u12932e.bin 0.13MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1302u1293fn.bin 0.14MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1309u1293ww.bin 0.15MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1314u1293k6.bin 0.18MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1315u9918s.bin 0.80MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1319u13158r.bin 64.44KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi132672.bin 5.85MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1327u1323rr.bin 0.11MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7avi1328u1327xs.bin 17.02KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7bnr493me.bin 0.29MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1405u13953v.bin 0.27MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1407u14058c.bin 35.31KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1409u1407nm.bin 34.66KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1410u1409jm.bin 21.04KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1413u1408o0.bin 86.28KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1417u1413yx.bin 35.10KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1423u1411xr.bin 0.12MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1427u14224k.bin 83.28KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1440u1418vu.bin 0.30MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1444u14393j.bin 81.59KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1446u144481.bin 77.28KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1448u1446s0.bin 31.54KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1455u1446zs.bin 0.13MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1460u1455va.bin 62.85KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1462u1460zr.bin 28.75KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1475u14544m.bin 0.34MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1476u14754j.bin 28.15KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1478u1476ms.bin 40.66KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1499u1477r9.bin 0.31MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1505u14738i.bin 0.49MB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1507u1505g8.bin 56.31KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1508u15073h.bin 29.89KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\upd7bin\u7iavi1510u1508xu.bin 19.68KB
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7upd\update7.log 0.44MB
------------------------------------------------------------------------------------------

 

Those files you saved further back in the thread have you scanned those for virus & spyware,the last thing you need is to reinstall everything you've removed,you'll also have too once your satisfied the comp is clean is to delete the system restore points by turning it off then re-enable it,"RE-ENABLE ONLY WHEN SYSTEM IS 100 % CLEAN"

AVG is now at v8.0,tho considering what's happened here your better off with avast as it's a realtime scanner,the downside to avast is it scans every program that launches or attempts to install which can slow things down a bit & yep comodo firewall is excellant it will also send up warnings when progs attempt to launch or install that it does'nt recognise

You might want to consider setting up a restricted user account & password the Admin Acc.


EDIT: Any files downloaded through P2P should be scanned for virus & malware,make sure you update both the scanners before you scan.

 

Dear Afterdawn Users,

Sorry for the invonveinience of my little s****d brother. Did he used my account illegaly? But still my mom grounded him for 2 months. Pls tell me in private message if he uses this account illegaly and do something s*****d! Cause he is getting grounded for 3 months. Our IP address are desame because we use this computer but different accounts. Pls. forgive my little brother is there anything I can do? And can someone tell me what was he was doing for the last 1 month in afterdawn? Sorry for my little brothers actions. Pls apologize us. I didn't expect that this would happen and he would do something crazy.

My apology,
Kevin RedFox085

 

sorry could you be a bit more specific here i've went through so many process's now it hard to remember everything. and wont putting files back just reinfect my computer? really unsure on this point!
Thanks for your input.

 

Hey Muage.

No, you do not have to post any more logs. All I want is the a-squared log. After you do all that I have told you to do, your parent's laptop should be clean and you can rest. Please read carefully all that I said, and follow accordingly, no more, no less. Also, you can flush your system restore points like scorpNZ said, and then turn it back on again.

Hey scorpNZ,
Antivir Free is far superior to AVG or avast in terms of resource consumption and detection. I highly recommend it. See their past testing results at av-comparatives.org.

Best Regards

 

Hey Cdavfrew I already posted asquared log above no?? do you want another?