I have done all that I know to do to get rid of this bugger and others like newdotnet. I have Microsoft antispyware, and have recently downloaded spybot s&d, I am also running Grisoft anitvirus software. Everytime my computer is cleaned these guys return and I am being bombarded with popups! Here is my HJT log. Thanks for your help! Beth~

Logfile of HijackThis v1.99.1
Scan saved at 6:48:13 PM, on 2/7/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\DIGStream\digstream.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\rdso\eetu.exe
C:\WINDOWS\System32\??stem\msconfig.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.juno.com/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.juno.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.juno.com/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\JUSearch\SearchEnh1.dll
R3 - URLSearchHook: (no name) - {529D7BBE-E059-CEDF-2A06-B8CE6BBFE2BD} - C:\WINDOWS\System32\hwtw.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: JunoBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\Juno\Toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt mt
O4 - HKCU\..\Run: [Whfag] C:\WINDOWS\System32\??stem\msconfig.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzed001DIUS_ZB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.dollarrevenue.com
O15 - Trusted Zone: *.errorsafe.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.media-motor.com
O15 - Trusted Zone: *.mediatickets.net
O15 - Trusted Zone: *.proben.nu
O15 - Trusted Zone: *.snet.ms
O15 - Trusted Zone: *.snet.tc
O15 - Trusted Zone: *.snipernet.biz
O15 - Trusted Zone: *.snipernet.us
O15 - Trusted Zone: *.sxload.com
O15 - Trusted Zone: *.winfixer.com
O15 - Trusted Zone: *.yoursitebar.com
O15 - Trusted Zone: *.zango.com
O15 - Trusted Zone: *.zangocash.com
O15 - Trusted Zone: *.adextension.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: *.proben.nu (HKLM)
O15 - Trusted Zone: *.snet.ms (HKLM)
O15 - Trusted Zone: *.snet.tc (HKLM)
O15 - Trusted Zone: *.snipernet.biz (HKLM)
O15 - Trusted Zone: *.snipernet.us (HKLM)
O15 - Trusted Zone: *.sxload.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\l8p2li7o18.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe

hi

good grief, thats an infected log...



Please create a list of programs that can be removed using Add/Remove Programs
Start HiJackThis
Press 'Config'
Press 'Misc Tools'
Press 'Open Uninstall Manager'
Press 'Save List'
Save the log to a convenient location
Copy the log and post its contents in this thread


then



Please download ewido anti malware (http://www.ewido.net/en/download/) it is a free version of the program.
Install ewido security suite
When installing, under "Additional Options" uncheck..
Install background guard
Install scan via context menu

Launch ewido, there should be an icon on your desktop, double-click it.
The program will now open to the main screen.
When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.

You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update.
Then click on Start Update.

The update will start and a progress bar will show the updates being installed.
(the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates (http://www.ewido.net/en/download/updates/)

Once the updates are installed do the following:

reboot your computer in SafeMode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.


then launch ewido:
Click on scanner
Click on Complete System Scan and the scan will begin.
You will be prompted to clean the first infection.
Select "Perform action on all infections", then proceed.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop or a location where you can find it easily.

Close ewido security suite.


reboot back to normal mode
post the uninstall list, the ewido report
and a fresh hijackthis log

okay have done all, hopefully right. Here is the uninstall

3D Groove Playback Engine
Adobe Acrobat 5.0
Adobe Download Manager 1.2 (Remove Only)
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
AdwareAlert 3.6.2.1
aspi
AVG Free Edition
Broadcom Management Programs
CCHelp
CCScore
Conexant SmartHSFi V.9x 56K DF PCI Modem
Dell Digital Jukebox Driver
Dell Media Experience
Dell Solution Center
Dell Support 5.0.0 (766)
Digital Line Detect
Diner Dash (remove only)
DirectX 9 Hotfix - KB839643
Disney's Toontown Online
Dosages and Solutions
Dual Mode Camera
Electronic Care Plan Maker Pediatric
ESPNMotion
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSCT
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSTUTOR
ESSvpaht
ESSvpot
ewido anti-malware
F.A. Davis's Nursing Care Plan, ed. 6, on CD-ROM
HijackThis 1.99.1
HLPCCTR
HLPIndex
HLPPDOCK
Homestead SiteBuilder LPX
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
iTunes
J2SE Runtime Environment 5.0 Update 4
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2
JumpStart Animal Field Trip
JumpStart Arts and Crafts
Juno
Kinko's File Prep Tool
Kodak EasyShare software
KSU
Learn2 Player (Uninstall Only)
Macromedia Shockwave Player
Math 2
MediaTickets By OIN
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft AntiSpyware
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Learning and Research Plus Support Files
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft Office Professional Edition 2003
Microsoft Picture It! Express 7.0
Modem Helper
Mozilla Firefox (1.5)
MSN
MSN Gaming Zone
MSN Internet Software
MSN Messenger 5.0
Musicmatch® Jukebox
Mystery Club Making of a Mastermind
NCLEX-RN 3500 - Individual Version
NetWaiting
Notifier
OpenMG Limited Patch 3.4-04-16-16-01
OpenMG Secure Module 3.4.01
OTtBP
PCDLNCH
PharmDisk 2006
PhoTags Express
QuickTime
RealOne Player
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905495)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
SFR
SFR2
Shockwave
Snood for Windows version 3.52-W
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SonicStage 2.0.06
SpongeBob pinball
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Trivia Machine (remove only)
TurboTax Basic 2005
TurboTax ItsDeductible 2005
Update for Windows XP (KB835409)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
USAFSE Gold
VCAMCEN
Viewpoint Manager (Remove Only)
Viewpoint Media Player
VPRINTOL
WexTech AnswerWorks
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player Hotfix [See Q828026 for more information]
Windows XP Hotfix - KB810217
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB824105
Windows XP Hotfix - KB824141
Windows XP Hotfix - KB825119
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB833407
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB837001
Windows XP Hotfix - KB839645
Windows XP Hotfix - KB840315
Windows XP Hotfix - KB840374
Windows XP Hotfix - KB841873
Windows XP Hotfix - KB842773
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889293
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Hotfix - KB897715
Windows XP Hotfix - KB905915
Windows XP Hotfix (SP2) [See Q329115 for more information]
Windows XP Hotfix (SP2) [See Q329390 for more information]
Windows XP Hotfix (SP2) [See Q329834 for more information]
Windows XP Hotfix (SP2) Q329170
Windows XP Hotfix (SP2) Q329441
Windows XP Hotfix (SP2) Q810565
Windows XP Hotfix (SP2) Q810577
Windows XP Hotfix (SP2) Q810833
Windows XP Hotfix (SP2) Q811493
Windows XP Hotfix (SP2) Q814033
Windows XP Hotfix (SP2) Q815021
Windows XP Hotfix (SP2) Q817287
Windows XP Hotfix (SP2) Q817606
WordPerfect Office 11
Yahoo! Address AutoComplete
Yahoo! extras
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Toolbar

The others will be in different posts.
Beth~

And the new HJT log

Logfile of HijackThis v1.99.1
Scan saved at 3:49:27 PM, on 2/8/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\System32\??stem\msconfig.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\rdso\eetu.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\All Users\Documents\HijackThis.exe
C:\WINDOWS\System32\rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.juno.com/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.juno.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.juno.com/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\JUSearch\SearchEnh1.dll
R3 - URLSearchHook: (no name) - {529D7BBE-E059-CEDF-2A06-B8CE6BBFE2BD} - C:\WINDOWS\System32\hwtw.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: JunoBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\Juno\Toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt ndrv
O4 - HKCU\..\Run: [Whfag] C:\WINDOWS\System32\??stem\msconfig.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzed001DIUS_ZB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.adextension.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: *.proben.nu (HKLM)
O15 - Trusted Zone: *.snet.ms (HKLM)
O15 - Trusted Zone: *.snet.tc (HKLM)
O15 - Trusted Zone: *.snipernet.biz (HKLM)
O15 - Trusted Zone: *.snipernet.us (HKLM)
O15 - Trusted Zone: *.sxload.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\mvnol9531.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe

The EWIDO report is like 88000 characters long so I am going to have to break it up into 5 diferent posts.
I am thinking something might still be lurking as I have had a few pop ups coming up. Oh and I got 2 error messages at startup both rundll errors about not being able to find these modules; newdotnet, and urloader which I know are both spyware, which should be a good thing?

Thanks
Beth~

+ Scan result:

HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Adware.WebSearch : Cleaned with backup
HKLM\SOFTWARE\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\STO -> Adware.WebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaTickets -> Adware.PurityScan : Cleaned with backup
[708] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup
[856] C:\WINDOWS\system32\VBR.DLL -> Adware.Look2Me : Error during cleaning
C:\Documents and Settings\Beth\Cookies\beth@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@c5.zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup

:mozilla.130:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.329:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.330:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.332:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.333:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.334:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.335:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.371:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.372:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.373:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.374:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.375:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.376:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.377:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.379:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.381:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.382:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.389:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup

C:\Documents and Settings\Greg\Cookies\greg@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\!update.exe -> Downloader.PurityScan.br : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfk4ogdzcdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfk4qpajihp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfkickc5eho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfkocicjicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfkykmc5glo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfl4agdzcbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfl4aiczcko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfl4sndpofp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wflicjdpmko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfligndpako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfliqgajohp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wflocgcjckp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfloelc5klp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfloghczkao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfloskdpgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfmiehazkdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4cmazsgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4cnd5eao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4enc5aho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4khczcfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4kncpeeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoaocjalp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoclcpkkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoeidpmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkogodzgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkookajofo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoooczeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoqjczmgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkowhcpocq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkychdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkyckdzmhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkygodzwbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkyskazglq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkyslazalo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkywhcjkcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjl4qhdpmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjl4whc5caq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlicgdpsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlieiazadp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlikhdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlikndjmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjliqgazicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjliwjd5ado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjloaod5ilq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlocmc5elp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjloeodjgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlokgcpekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlooic5klp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjloolcpegq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowicjego.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowmcpmko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowpajcbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowpcjafq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlyapajmbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlyeoc5gep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlygnazakp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlyomdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlysmcjikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmiqicjwkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup

C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmiuiczmfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmiwkd5ecp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmyalczgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmygldjmbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmyqpd5keo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1gcpwc.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1iajmb.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1id5sc.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1jazcf.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1jcpwf.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1ocpkf.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1oczol.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1pcpah.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1pcpka.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1sc5ah.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyahcjaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyajdzagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyancjcbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnycpdjcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyeidzcap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyencjado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyggazego.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnygkdzeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnygmczgfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnygpcjehq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyogd5weo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyohd5mdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyohdpmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyojdzgdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyokdzkbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyoldzcfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyond5afo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyondpofq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyqgd5sdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyshd5gho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyslc5igq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyukd5eco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyukdjwhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyuocjedp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\temp.cab/IExploreSkins.exe -> Adware.WebSearch : Error during cleaning
C:\Documents and Settings\Greg\Local Settings\Temp\temp.cab/toolbar.dll -> Adware.WebSearch : Error during cleaning
C:\Documents and Settings\Greg\Local Settings\Temp\toolbar.dll -> Adware.WebSearch : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~1968.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~481.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~640990.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~643567.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~654369.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~767.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~889.tmp -> Adware.Wintol : Cleaned with backup
C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\18CCAB69-3973-485C-B751-D78CA8\A20100E8-AEE8-4F69-88D6-D51CA0 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A9F9233-A749-4FAC-8847-F364A9\468493ED-0179-45BC-AD90-CC6200 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A9F9233-A749-4FAC-8847-F364A9\EA45F2C2-FDF7-4DE3-BB9E-BEE18A -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\243CA0FC-9FF4-49CA-A233-2BC1A0\16D3D116-55FF-436F-A9C0-6DB2EC -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0286F81B-FFBA-4D62-BDA2-7A8FF3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\059A590D-0696-4313-8698-DF1665 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0763A2DD-AE23-4467-B66A-F91B3C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0917CE9C-3E2B-4483-976B-45F36E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0D32DE29-02A3-4263-8FF2-9D082B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0D78C13E-1BE9-471C-9FF9-463E54 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\121D098E-3B02-4D51-AB54-3B5CC0 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\137DF8B2-7CE1-42B1-861E-7865B3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14159592-A682-41A9-9CB3-D9C90B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14AAC346-00AC-4D72-A305-4F4EB2 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14DC3AC9-9DAC-43E8-B8F1-46F290 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14E2891B-EF7D-44A2-995F-3DE085 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\15442497-7212-4A65-95C8-5A536C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\15A04505-1031-436C-9C54-20037D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1A3D1EA2-5E08-441D-B2FD-AF94BA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1B12E4AF-01FB-42C5-9773-AD4C42 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1F12E242-9A39-4526-A603-E82319 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1F5F855B-3D86-45D5-B155-9F6970 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\213FBC7B-3534-4056-9B6E-E16EDD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\268DC284-5444-450C-82E9-F5B3CC -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\272DFEA5-5CA6-49DB-8A12-0C9FDE -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\27A36933-F650-478A-95D6-C95217 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2804A4DB-E8E2-4057-96AF-7B0879 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\29388388-1F72-4596-933F-8D2CD7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\29E8E2A9-B75A-4E20-A59A-ADCA1A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A20A73A-5A74-407C-9412-D9727D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A2DBB8E-2368-4937-BDF8-E47AEB -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A671B51-9AB3-4D13-9BAF-D93B75 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A69AEEE-6C1B-4BD3-8B1B-56971A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2B3201D2-E9CD-416B-83D4-66B99C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2C71CA3E-23CC-404F-989D-ABDCD6 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2D96FF9E-2717-47C0-88DF-83C18F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2E76F829-A27F-45C0-9A35-3BC779 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2ED25033-9209-4AC7-8556-AD32FE -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\32DE8930-FB25-4307-AA0C-0C5365 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\34C642DC-5AFA-4408-AE97-A979B3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3514AC16-CB06-4D95-9697-D193C7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\36408B06-BFE5-4C90-96FE-F8CB5C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\368F8E8B-9F97-4F97-AC36-29020B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\36D224CF-28DB-4930-9390-20811A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\390361CD-7063-44D2-8728-C85328 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3B899085-34E7-4636-BB0A-F8C1FD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3BDAE7A3-720C-492A-96A9-A35290 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3D0F19D5-C766-4930-84C6-9416ED -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3DEEF038-AD8C-4439-BCA5-6ECD16 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\400EA1D1-B0BC-4A3F-B6CD-997DD5 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\41BA9C85-FC03-4FC9-8540-0854EF -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\44758C95-12EB-43B2-9F42-8F439F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\45A79E95-961B-47C9-B3F2-B417BE -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\45DAC858-1C42-425B-A826-60C442 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\477C2585-B69F-4572-99B0-283248 -> Adware.Wintol : Cleaned with backup

C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\47E43F31-62ED-43D0-87F8-5F48D4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\49E9F660-4422-4A40-B879-66666B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4C96AFDB-4055-4A20-9F5A-520D04 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4D3A00E0-7C60-4978-813C-22EC8C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4DDFCD8D-E733-445B-822F-0FEF54 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4E7945EC-2D01-4E32-A9B8-BDA668 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\50CFC3C8-CC37-4618-883D-F37858 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\52D1E31D-0D3F-4D16-A357-FEFE0F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\52D2EDF6-3DD6-45A4-A621-DEA713 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\52EDB393-B4CA-43BF-9EBC-FE68DC -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\532B7F27-6D53-4559-81A2-0A8B50 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\533C9506-CEBA-47AC-908F-AAD15E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\580200DC-468B-494F-ACB9-37E2BD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\5A8DACFE-EAC9-4A6B-B89E-97A6BD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\5B5AEE74-6FE0-434B-AFB5-5FF020 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6202C330-DCC1-48A5-B7E6-240A3F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\63AE32C1-B6E6-46DA-8826-397360 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\641E1C4C-5553-4E8D-A18C-98C129 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6676D929-F2CE-489F-98ED-01FB01 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\69788D80-3680-40F7-A0B5-376A64 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6ADF4C13-1B89-4166-BD03-492D90 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6B9E155B-DAC7-4CEE-BA63-DB0710 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6E5B252E-013E-4D8D-80B3-6A8954 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6F88EE30-2AAA-44E2-9C0E-2DB448 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6FC9CD98-FD52-41C8-9927-85E812 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\71D94D6C-852E-49F7-B70C-463D45 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\731EDD36-208C-44E2-95E7-147629 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\7586CF2B-13D4-4539-A7E9-E4EEF8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\776EA619-2A6E-403D-B7F9-2FFBE6 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\78F8841F-08F7-4831-B735-C80889 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\79170CC6-B7AD-44D4-B6D0-BDA14F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\79662380-E312-48CC-936F-EF4926 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\7A753088-292F-465C-A421-2B031F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\7FB80533-2402-4D4D-9F47-D986F8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\818CA52F-E09E-461A-9999-E4831C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\81B8830E-333B-45B0-81E2-1DF88B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\826D6EB6-CCD3-4507-BE6A-BFA61D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\83E7E752-541C-4EE3-87A0-A30B89 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8409DBEF-D51C-4815-A868-814CDB -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\84690ABB-EB35-495F-8565-CC3640 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\863F1A04-E8E3-428F-B48E-9CB188 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8746B259-CE55-46E4-BB11-B158C5 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\87586FD7-A827-4AD1-83FB-3B6B06 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8771ACB0-92A1-4C51-A442-65E8D2 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8B90A64A-2A12-43EA-8FC1-992C84 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8BCF2C79-3FFB-47A2-97AB-2B8AF3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8E029803-A778-4196-A2BA-60EBF3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8E580862-D139-4C82-8A3C-7D0430 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8EAEB917-6ADA-4B1A-8A56-E8EA51 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8F17D36F-A554-48F3-A1CF-B4E2B0 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\91941C6A-2CD7-4BDE-807C-FD1E38 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\98F1A7F5-8AB1-4643-BF06-C9C975 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\997E6BE0-39C7-4929-8C08-B027CD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\99CFA38D-4EFC-4490-B03B-19497C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9AEF6989-52F0-4848-AAA2-CC6F40 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9AFE6A07-B3A2-4870-BFC4-EEA06D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9B100266-B3AF-425F-A8E3-176D64 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9BBCE5EE-C865-4F55-ADF5-3819A4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9D1FF42F-272A-43D5-BE03-9A59B8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9E3F0235-8720-4369-A6E8-E90BE3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9F0591F6-D767-4297-A4CB-A10AEF -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9FA2FC4B-15BA-4EA4-92EA-C5DA7F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9FF3B219-E679-47AE-8C4E-56BD8E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\A01551E5-B6A0-4492-8A85-3A32F4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\A1F5B59B-2931-4D19-BFEC-775D41 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\A48C6EC7-3503-428A-B8A0-38C08A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\AB2565C9-70AE-4CBE-84C9-963E65 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\AB5AC0B6-190A-46D5-BB53-0C9E1C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\ACECB626-2DD2-4A2C-AEDC-547DAB -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\AD1824ED-EE64-46A8-9719-9CD773 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B1DB99D5-6B48-4F6D-A0B9-AF8CCA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B3245DD4-37DF-45BB-91E8-9DFED5 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B34586CA-A591-4644-817D-4C0C44 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B3EEADE8-5B63-46FE-B91B-18D510 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B45FD1BD-0B65-4AB3-BA5D-2CE3B8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B58FD763-4A90-416E-B957-89CD4C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B6DF84FB-70B0-4E33-9675-AADC0E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B9E5C50B-0D18-4017-8C62-594387 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BAA92BC8-00C0-48B6-A3FE-C9F635 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BBDEA276-5881-4D66-AE0E-2B762B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BE0F8CCB-C728-492D-850D-6D60BA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BE3A19F0-53A6-4FAD-9D40-D7935E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C2956F60-62F3-4C37-BA55-7723B0 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C2A370FF-E366-474A-BFF8-6728F9 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C2A7861F-7AA9-4DFD-A749-955770 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C7E8A27A-2A4E-43CE-8966-B2CCE0 -> Downloader.Wintool.a : Cleaned with backup

C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CA3E9EA0-AFFB-41C7-9220-C58E7F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CA73C2EB-AD68-4F29-B382-650F8D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CA8A831B-04C7-4814-8A09-3FEB7B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CB576BDC-178D-44AE-9D40-0019A3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D1AE9005-452F-4379-AA1B-2422EA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D2BF998A-ECA7-44F8-936B-D8B954 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D3F76D3B-7217-42F8-B056-8ED58D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D7796E6A-15AB-4F8D-ABA2-D8FF6B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D874282E-CFF6-4FDA-9A8C-97DDFC -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DB8F0BC4-677D-486E-8262-5B2D4A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DBEB69D1-7229-43D8-87F1-9F6ABA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DC7A5318-8272-4A05-A149-3517F3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DF3E1FC7-4EF0-4EC2-8480-AFE1AD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E12B7ABF-7BD4-483E-BDCF-540990 -> Adware.Wintol : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E2F112E8-EBA5-4E8A-A037-CF8E51 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E3C31FFA-71C5-4A46-93A3-1531ED -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E6A3525B-85F5-4BFB-BD50-650543 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E8AE84F9-3C38-47F6-A6F3-4A253D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EB86E724-7B35-4D8E-B0A6-9C47E7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\ED2985E3-3C4E-4538-B77F-2DAED1 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EE8363E6-48B7-4D1E-9841-0C7EB4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EF004978-AC98-425D-AC27-E61F49 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EFF76FF7-9B6E-41C3-878F-198930 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F0033AC2-17A5-4A9B-B347-13F851 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F261E760-1B94-48B2-9E4A-54BA82 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F4FD8611-8A36-4872-8586-191699 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F765939D-3194-40FC-B7F9-02B5D7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F8CF2C7E-A912-4376-86F8-0C3D0A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\FD83FD89-C199-4F00-AD3A-65B98E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\FF9308F5-63CB-4C27-84D0-247DE4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\11CD829D-0850-4295-AD02-99A0E3 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\3DB70F1D-B56C-4DC2-A38A-18D1DE -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\AE293A15-4392-415F-9970-00BA1B -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\B6D04303-51D6-47D9-8CA2-8D2746 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\C708A48B-7BF9-4D4F-B51B-63C778 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4CAD9FB4-AD03-4992-B7CA-234EAC\0E4AEC04-75B2-4B30-BF24-14E818 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4CAD9FB4-AD03-4992-B7CA-234EAC\37E45A89-3AA3-48F8-90FD-E230ED -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\74C7E466-D091-45E8-BE3F-8E2AC5\AD61021D-335F-410C-8390-649C31 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\74C7E466-D091-45E8-BE3F-8E2AC5\E1C021E5-8E70-4336-AF40-6AB5E4 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\05C0EECF-5456-430C-9AA4-309A97 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\2B8DE750-60C1-4807-A82E-BB98E3 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\4B031ED9-800D-49BC-83E1-A6BFAE -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\613C1A35-FE4E-47E9-B276-D4BA48 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\907DA78A-1365-4B3D-AABD-AEEF2A -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\781DEC3D-8BB0-4150-8A24-6600D2\15ACF2AB-BAC4-4C45-B4C3-74D68A -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\781DEC3D-8BB0-4150-8A24-6600D2\77545FD0-DCBD-4E80-A119-CD1A4B -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\83DC4FA6-213D-42E7-A112-9A9351 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\D3BF2D4E-4143-48E6-88D5-0A7371 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\F7329EB1-A27D-4E01-8B6B-4D4D29 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\F7877119-C9BF-4D87-98E5-EDA7E3 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\D60F5833-6E18-4311-B263-60A26F\2B7BF724-0B23-49C7-9858-608D33 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\D60F5833-6E18-4311-B263-60A26F\C0AA7DFB-FF49-40D0-B3D0-3365A8 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\26C5ED4D-B79B-4A9A-93AE-39C83C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\NewDotNet -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\rdso\eetu.exe -> Downloader.PurityScan.br : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050235.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050236.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050251.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050290.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0050962.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051028.exe -> Hijacker.VB.kc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051029.exe -> Downloader.VB.vr : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051041.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051045.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051058.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051062.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051175.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051176.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051207.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051211.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051232.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051233.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051285.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051300.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051307.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051332.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051336.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051355.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051359.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051379.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\mtuninst.exe -> Adware.MediaTickets : Cleaned with backup
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\SYSTEM32\hwtw.dll -> Adware.PurityScan : Cleaned with backup
C:\WINDOWS\SYSTEM32\l28m0cl1efq.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\SYSTEM32\l48m0el1ehq.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\SYSTEM32\WJ2TOPL.DLL -> Adware.Look2Me : Cleaned with backup


::Report End

hi

open hijackthis, click do a system scan only
checkmark these items:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {529D7BBE-E059-CEDF-2A06-B8CE6BBFE2BD} - C:\WINDOWS\System32\hwtw.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt ndrv
O4 - HKCU\..\Run: [Whfag] C:\WINDOWS\System32\??stem\msconfig.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: *.adextension.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: *.proben.nu (HKLM)
O15 - Trusted Zone: *.snet.ms (HKLM)
O15 - Trusted Zone: *.snet.tc (HKLM)
O15 - Trusted Zone: *.snipernet.biz (HKLM)
O15 - Trusted Zone: *.snipernet.us (HKLM)
O15 - Trusted Zone: *.sxload.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)

then close all browsers and other windows, leaving only hijackthis running

and click fix checked

reboot

post a fresh hjt log

Logfile of HijackThis v1.99.1
Scan saved at 5:32:30 PM, on 2/9/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe

I noticed that trusted site zangocash was not gone from last HJT log so scanned again, checked that box, rebooted, ran a new HJT log to make sure that was gone, and it is. Beth~

Logfile of HijackThis v1.99.1
Scan saved at 9:11:37 PM, on 2/9/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe

hi

the log is starting to look quite good ;)

lets still do a virus scan:
Please do an online scan with Kaspersky WebScanner (http://www.kaspersky.com/service?chapter=161739400)

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT

Now click on Scan Settings
In the scan settings make that the following are selected:
Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)

Scan Options:
Scan Archives
Scan Mail Bases

Click OK
Now under select a target to scan:Select My Computer

This will start the program and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post.

Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\

Scan Statistics
Total number of scanned objects 103147
Number of viruses found 20
Number of infected objects 37
Number of suspicious objects 0
Duration of the scan process 01:44:02

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped

C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped

C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped

C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip ZIP: infected - 3 skipped

C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0EA07990-8837-413B-B60B-D3FBA0 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped

C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\65A57762-F6E1-4C85-9137-44F8C5 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped

C:\RECYCLER\S-1-5-21-519925110-2557909422-4240004532-500\Dc1\eetu.exe Infected: Trojan-Downloader.Win32.PurityScan.bs skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050113.scr Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050114.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050115.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.z skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050116.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050117.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050118.SCR Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050119.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.v skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050120.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050121.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050122.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050123.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050124.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.f skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050125.DLL Infected: not-a-virus:AdWare.Win32.IWon.a skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050126.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050127.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050128.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ad skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050130.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ab skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050131.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050133.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050167.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050168.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050169.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050170.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050171.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050172.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050189.exe Infected: Trojan-Clicker.Win32.VB.lb skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050201.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051329.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped

C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped

C:\WINDOWS\SYSTEM32\oins.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.r skipped

Scan process completed.

hi

delete this file
C:\WINDOWS\SYSTEM32\oins.exe

clear java's cache:
Your scan showed one of more viruses in your Sun Java Runtime Environment (JRE) cache. Delete those by clearing the JRE cache.
To clear the Java Runtime Environment (JRE) cache:
Click Start > Control Panel.
Double-click the Java icon in the control panel.
-The Java Control Panel appears.
Click Settings under Temporary Internet Files.
-The Temporary Files Settings dialog box appears.
Click Delete Files.
-The Delete Temporary Files dialog box appears.
-There are three options on this window to clear the cache.
Delete Files
View Applications
View Applets
Click OK on Delete Temporary Files window.
-Note: This deletes all the Downloaded Applications and Applets from the cache.
Click OK on Temporary Files Settings window.
Close the Java Control Panel
You can view those instructions along with graphics Here (http://www.java.com/en/download/help/5000020300.xml)

reboot

post a final hijackthis log thank you

also tell me if there still are problems

Here is the new HJT log. All of the pop ups are gone, the only thing is when my Microsoft antispyware runs every night, it still finds and then cleans Surfsidekick. It keeps coming back. Beth~

Logfile of HijackThis v1.99.1
Scan saved at 10:29:58 AM, on 2/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe

can you post a scan log from microsoft antispyware ?

It seems like I might have gotten it taken care of, there was this file on my computer
C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe

I tried to search for it and delete it, but it couldn't be found, so I used the pocket killbox program to delete it, and since I deleted it yesterday surfsidekick is no longer found. Here is a fresh HJT log, along with an ewido and kaspersky scan. Beth~

Logfile of HijackThis v1.99.1
Scan saved at 5:11:33 PM, on 2/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe


---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 5:12:57 PM, 2/13/2006
+ Report-Checksum: D1D94848

+ Scan result:

C:\!KillBox\UWFX6_0001_N68M2301NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-519925110-2557909422-4240004532-500\Dc1\eetu.exe -> Downloader.PurityScan.bs : Cleaned with backup


::Report End

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, February 14, 2006 5:06:47 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 14/02/2006
Kaspersky Anti-Virus database records: 176685
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 100779
Number of viruses found: 20
Number of infected objects: 35
Number of suspicious objects: 0
Duration of the scan process: 02:05:05

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Beth\Local Settings\Temporary Internet Files\Content.IE5\GXI3GLYZ\index[1].php Infected: Trojan-Downloader.HTML.Agent.ae skipped
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0EA07990-8837-413B-B60B-D3FBA0 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\65A57762-F6E1-4C85-9137-44F8C5 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050113.scr Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050114.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050115.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.z skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050116.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050117.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050118.SCR Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050119.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.v skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050120.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050121.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050122.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050123.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050124.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.f skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050125.DLL Infected: not-a-virus:AdWare.Win32.IWon.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050126.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050127.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050128.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ad skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050130.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ab skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050131.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050133.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050152.dll Infected: not-a-virus:AdWare.Win32.DownloadWare.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050167.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050168.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050169.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050170.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050171.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050172.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050189.exe Infected: Trojan-Clicker.Win32.VB.lb skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050201.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051329.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP793\A0054525.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.r skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054629.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054630.exe Infected: Trojan-Downloader.Win32.PurityScan.bs skipped

Scan process completed.

hi

Download System Security Suite here:System Security Suite Download & Tutorial (http://www.igorshpak.net/). Unzip it to your desktop. Install the program. Don't use it yet.

Reboot into SafeMode by tapping F8 key repeatedly at bootup: Starting your computer in Safe mode (http://www.bleepingcomputer.com/forums/index.php?showtutorial=61#winxo)

With all windows and browsers closed.
Clean out temporary and Temporary Internet Files.
A. Open System Security Suite.
B. In the Items to Clear tab select for cleaning:
- Internet Explorer (left pane): Cookies & Temporary files
- My Computer (right pane): Temporary files & Recycle Bin
Press the Clear Selected Items button.
Close the program


Open Internet Explorer, and click on the Tools menu and then Internet Options. At the General tab, which should be the first tab you are currently on, click on the Delete Files button and put a checkmark in Delete offline content. Then press the OK button.


reboot

do another kaspersky scan, post the results

most of the malware was in system restore, we will get rid of them once we're through :)

I could not get the security suite to open when my computer was in safe mode, it was not on the desktop and when I went to all programs, I couldn't find it, tried to do a search but then my computer locked up. Restarted in regular mode and went ahead and opened the program and deleted those items. Ran a new kaspersky scan, here are the results, it looks like most are either quarantined or on restore points, except for the trojan downloader in the temp internet files. Oh I also have ATF cleaner and have deleted everything except the internet history. Beth~

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, February 15, 2006 7:00:13 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 15/02/2006
Kaspersky Anti-Virus database records: 176939
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 86555
Number of viruses found: 20
Number of infected objects: 35
Number of suspicious objects: 0
Duration of the scan process: 01:33:01

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Beth\Local Settings\Temporary Internet Files\Content.IE5\GXI3GLYZ\index[1].php Infected: Trojan-Downloader.HTML.Agent.ae skipped
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0EA07990-8837-413B-B60B-D3FBA0 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\65A57762-F6E1-4C85-9137-44F8C5 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050113.scr Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050114.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050115.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.z skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050116.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050117.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050118.SCR Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050119.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.v skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050120.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050121.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050122.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050123.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050124.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.f skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050125.DLL Infected: not-a-virus:AdWare.Win32.IWon.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050126.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050127.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050128.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ad skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050130.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ab skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050131.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050133.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050152.dll Infected: not-a-virus:AdWare.Win32.DownloadWare.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050167.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050168.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050169.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050170.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050171.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050172.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050189.exe Infected: Trojan-Clicker.Win32.VB.lb skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050201.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051329.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP793\A0054525.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.r skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054629.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054630.exe Infected: Trojan-Downloader.Win32.PurityScan.bs skipped

Scan process completed.

Okay, here is a new Kaspersky scan after I logged into the user Beth on my computer and deleted all cookies, and temp internet files to include offline content. Looks like all the found items are quarantined or on restore points. Beth~

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, February 15, 2006 10:06:14 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 16/02/2006
Kaspersky Anti-Virus database records: 176969
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 83994
Number of viruses found: 19
Number of infected objects: 34
Number of suspicious objects: 0
Duration of the scan process: 01:29:39

Infected Object Name / Virus Name / Last Action
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0EA07990-8837-413B-B60B-D3FBA0 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\65A57762-F6E1-4C85-9137-44F8C5 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050113.scr Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050114.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050115.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.z skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050116.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050117.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050118.SCR Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050119.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.v skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050120.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050121.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050122.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050123.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050124.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.f skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050125.DLL Infected: not-a-virus:AdWare.Win32.IWon.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050126.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050127.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050128.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ad skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050130.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ab skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050131.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050133.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050152.dll Infected: not-a-virus:AdWare.Win32.DownloadWare.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050167.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050168.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050169.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050170.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050171.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050172.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050189.exe Infected: Trojan-Clicker.Win32.VB.lb skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050201.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051329.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP793\A0054525.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.r skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054629.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054630.exe Infected: Trojan-Downloader.Win32.PurityScan.bs skipped

Scan process completed.

hi
yeps. looks good, you really need to erase internet histories too to get rid of that one downloader

for system restore, read a little further:

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here:

Managing Windows Millenium System Restore (http://www.bleepingcomputer.com/forums/tutorial63.html)

or

Windows XP System Restore Guide (http://www.bleepingcomputer.com/forums/tutorial56.html)

Reenable system restore with instructions from tutorial above


Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.

Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

See this link for a listing of some online & their stand-alone antivirus programs:

Virus, Spyware, and Malware Protection and Removal Resources (http://www.bleepingcomputer.com/forums/topict405.html)


Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.


Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

For a tutorial on Firewalls and a listing of some available ones see the link below:

Understanding and Using Firewalls (http://www.bleepingcomputer.com/forums/tutorial60.html)


Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com (http://www.windowsupdate.com) regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.

A tutorial on installing & using this product can be found here:

Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers (http://www.bleepingcomputer.com/forums/tutorial43.html)


Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

A tutorial on installing & using this product can be found here:

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer (http://www.bleepingcomputer.com/forums/tutorial48.html)


Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial on installing & using this product can be found here:

Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/forums/tutorial49.html)


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

here are some additional utilities that will enhance your safety

IE/Spyad (https://netfiles.uiuc.edu/ehowes/www/resource.htm) <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
Google Toolbar (http://toolbar.google.com/) <= Get the free google toolbar to help stop pop up windows.
Winpatrol (http://www.winpatrol.com/) <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
Using Winpatrol to protect your computer from malicious software (http://www.winpatrol.com/features.html)

Okay I am all clean, cleared the restore points, have run all scanners I have and they are all clean, woo, hoo!! I have one last question, while going to download ad-aware, how can I be sure it is the real ad-aware and not some other adware program? Also I saw something about a regristry cleaner, do you recommend this? Beth~

hi

adaware, download it from the authors site ( lavasofts)
www.lavasoft.de for example

i do recommend registry cleaners
be sure to make backups though
my favorite freeware cleaner is regseeker from hoverdesk www.hoverdesk.net/freeware.htm
my favorite "payware" cleaner is jv power tools, which includes other useful utilities www.macecraft.com

As the problem appears to be resolved this topic will be archived.
If you need it re-opened please send me a pm and provide a link to the topic.
Glad we could help, thank you illukka.