Surfside Kick that wont go away

A

aefloyd

New member
I have done all that I know to do to get rid of this bugger and others like newdotnet. I have Microsoft antispyware, and have recently downloaded spybot s&d, I am also running Grisoft anitvirus software. Everytime my computer is cleaned these guys return and I am being bombarded with popups! Here is my HJT log. Thanks for your help! Beth~

Logfile of HijackThis v1.99.1
Scan saved at 6:48:13 PM, on 2/7/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\DIGStream\digstream.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\rdso\eetu.exe
C:\WINDOWS\System32\??stem\msconfig.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.juno.com/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.juno.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.juno.com/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\JUSearch\SearchEnh1.dll
R3 - URLSearchHook: (no name) - {529D7BBE-E059-CEDF-2A06-B8CE6BBFE2BD} - C:\WINDOWS\System32\hwtw.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: JunoBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\Juno\Toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt mt
O4 - HKCU\..\Run: [Whfag] C:\WINDOWS\System32\??stem\msconfig.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzed001DIUS_ZB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.dollarrevenue.com
O15 - Trusted Zone: *.errorsafe.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.media-motor.com
O15 - Trusted Zone: *.mediatickets.net
O15 - Trusted Zone: *.proben.nu
O15 - Trusted Zone: *.snet.ms
O15 - Trusted Zone: *.snet.tc
O15 - Trusted Zone: *.snipernet.biz
O15 - Trusted Zone: *.snipernet.us
O15 - Trusted Zone: *.sxload.com
O15 - Trusted Zone: *.winfixer.com
O15 - Trusted Zone: *.yoursitebar.com
O15 - Trusted Zone: *.zango.com
O15 - Trusted Zone: *.zangocash.com
O15 - Trusted Zone: *.adextension.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: *.proben.nu (HKLM)
O15 - Trusted Zone: *.snet.ms (HKLM)
O15 - Trusted Zone: *.snet.tc (HKLM)
O15 - Trusted Zone: *.snipernet.biz (HKLM)
O15 - Trusted Zone: *.snipernet.us (HKLM)
O15 - Trusted Zone: *.sxload.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\l8p2li7o18.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
 
hi

good grief, thats an infected log...



Please create a list of programs that can be removed using Add/Remove Programs
Start HiJackThis
Press 'Config'
Press 'Misc Tools'
Press 'Open Uninstall Manager'
Press 'Save List'
Save the log to a convenient location
Copy the log and post its contents in this thread


then



Please download ewido anti malware it is a free version of the program.
  1. Install ewido security suite
  2. When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  3. Launch ewido, there should be an icon on your desktop, double-click it.
  4. The program will now open to the main screen.
  5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  6. You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  7. The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed do the following:

reboot your computer in SafeMode by doing the following:
  1. Restart your computer
  2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  3. Instead of Windows loading as normal, a menu should appear
  4. Select the first option, to run Windows in Safe Mode.

then launch ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido security suite.


reboot back to normal mode
post the uninstall list, the ewido report
and a fresh hijackthis log
 
new log

okay have done all, hopefully right. Here is the uninstall

3D Groove Playback Engine
Adobe Acrobat 5.0
Adobe Download Manager 1.2 (Remove Only)
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
AdwareAlert 3.6.2.1
aspi
AVG Free Edition
Broadcom Management Programs
CCHelp
CCScore
Conexant SmartHSFi V.9x 56K DF PCI Modem
Dell Digital Jukebox Driver
Dell Media Experience
Dell Solution Center
Dell Support 5.0.0 (766)
Digital Line Detect
Diner Dash (remove only)
DirectX 9 Hotfix - KB839643
Disney's Toontown Online
Dosages and Solutions
Dual Mode Camera
Electronic Care Plan Maker Pediatric
ESPNMotion
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSCT
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSTUTOR
ESSvpaht
ESSvpot
ewido anti-malware
F.A. Davis's Nursing Care Plan, ed. 6, on CD-ROM
HijackThis 1.99.1
HLPCCTR
HLPIndex
HLPPDOCK
Homestead SiteBuilder LPX
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
iTunes
J2SE Runtime Environment 5.0 Update 4
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2
JumpStart Animal Field Trip
JumpStart Arts and Crafts
Juno
Kinko's File Prep Tool
Kodak EasyShare software
KSU
Learn2 Player (Uninstall Only)
Macromedia Shockwave Player
Math 2
MediaTickets By OIN
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft AntiSpyware
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Learning and Research Plus Support Files
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft Office Professional Edition 2003
Microsoft Picture It! Express 7.0
Modem Helper
Mozilla Firefox (1.5)
MSN
MSN Gaming Zone
MSN Internet Software
MSN Messenger 5.0
Musicmatch® Jukebox
Mystery Club Making of a Mastermind
NCLEX-RN 3500 - Individual Version
NetWaiting
Notifier
OpenMG Limited Patch 3.4-04-16-16-01
OpenMG Secure Module 3.4.01
OTtBP
PCDLNCH
PharmDisk 2006
PhoTags Express
QuickTime
RealOne Player
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905495)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
SFR
SFR2
Shockwave
Snood for Windows version 3.52-W
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SonicStage 2.0.06
SpongeBob pinball
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Trivia Machine (remove only)
TurboTax Basic 2005
TurboTax ItsDeductible 2005
Update for Windows XP (KB835409)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
USAFSE Gold
VCAMCEN
Viewpoint Manager (Remove Only)
Viewpoint Media Player
VPRINTOL
WexTech AnswerWorks
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player Hotfix [See Q828026 for more information]
Windows XP Hotfix - KB810217
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB824105
Windows XP Hotfix - KB824141
Windows XP Hotfix - KB825119
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB833407
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB837001
Windows XP Hotfix - KB839645
Windows XP Hotfix - KB840315
Windows XP Hotfix - KB840374
Windows XP Hotfix - KB841873
Windows XP Hotfix - KB842773
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889293
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Hotfix - KB897715
Windows XP Hotfix - KB905915
Windows XP Hotfix (SP2) [See Q329115 for more information]
Windows XP Hotfix (SP2) [See Q329390 for more information]
Windows XP Hotfix (SP2) [See Q329834 for more information]
Windows XP Hotfix (SP2) Q329170
Windows XP Hotfix (SP2) Q329441
Windows XP Hotfix (SP2) Q810565
Windows XP Hotfix (SP2) Q810577
Windows XP Hotfix (SP2) Q810833
Windows XP Hotfix (SP2) Q811493
Windows XP Hotfix (SP2) Q814033
Windows XP Hotfix (SP2) Q815021
Windows XP Hotfix (SP2) Q817287
Windows XP Hotfix (SP2) Q817606
WordPerfect Office 11
Yahoo! Address AutoComplete
Yahoo! extras
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Toolbar

The others will be in different posts.
Beth~
 
HJT log

And the new HJT log

Logfile of HijackThis v1.99.1
Scan saved at 3:49:27 PM, on 2/8/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\System32\??stem\msconfig.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\rdso\eetu.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\All Users\Documents\HijackThis.exe
C:\WINDOWS\System32\rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.juno.com/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.juno.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.juno.com/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\JUSearch\SearchEnh1.dll
R3 - URLSearchHook: (no name) - {529D7BBE-E059-CEDF-2A06-B8CE6BBFE2BD} - C:\WINDOWS\System32\hwtw.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: JunoBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\Juno\Toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt ndrv
O4 - HKCU\..\Run: [Whfag] C:\WINDOWS\System32\??stem\msconfig.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzed001DIUS_ZB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.adextension.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: *.proben.nu (HKLM)
O15 - Trusted Zone: *.snet.ms (HKLM)
O15 - Trusted Zone: *.snet.tc (HKLM)
O15 - Trusted Zone: *.snipernet.biz (HKLM)
O15 - Trusted Zone: *.snipernet.us (HKLM)
O15 - Trusted Zone: *.sxload.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\mvnol9531.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe

The EWIDO report is like 88000 characters long so I am going to have to break it up into 5 diferent posts.
I am thinking something might still be lurking as I have had a few pop ups coming up. Oh and I got 2 error messages at startup both rundll errors about not being able to find these modules; newdotnet, and urloader which I know are both spyware, which should be a good thing?

Thanks
Beth~
 
EWIDO report part 1

+ Scan result:

HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Adware.WebSearch : Cleaned with backup
HKLM\SOFTWARE\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\STO -> Adware.WebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaTickets -> Adware.PurityScan : Cleaned with backup
[708] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup
[856] C:\WINDOWS\system32\VBR.DLL -> Adware.Look2Me : Error during cleaning
C:\Documents and Settings\Beth\Cookies\beth@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@c5.zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Beth\Cookies\beth@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
 
EWIDO report part 2

:mozilla.130:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.329:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.330:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.332:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.333:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.334:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.335:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.371:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.372:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.373:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.374:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.375:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.376:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.377:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.379:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.381:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.382:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.389:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\iej6lqe9.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
 
EWIDO report part 3

C:\Documents and Settings\Greg\Cookies\greg@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Greg\Cookies\greg@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\!update.exe -> Downloader.PurityScan.br : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfk4ogdzcdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfk4qpajihp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfkickc5eho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfkocicjicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfkykmc5glo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfl4agdzcbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfl4aiczcko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfl4sndpofp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wflicjdpmko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfligndpako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfliqgajohp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wflocgcjckp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfloelc5klp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfloghczkao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfloskdpgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wfmiehazkdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4cmazsgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4cnd5eao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4enc5aho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4khczcfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjk4kncpeeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoaocjalp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoclcpkkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoeidpmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkogodzgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkookajofo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoooczeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkoqjczmgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkowhcpocq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkychdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkyckdzmhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkygodzwbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkyskazglq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkyslazalo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjkywhcjkcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjl4qhdpmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjl4whc5caq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlicgdpsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlieiazadp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlikhdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlikndjmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjliqgazicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjliwjd5ado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjloaod5ilq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlocmc5elp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjloeodjgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlokgcpekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlooic5klp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjloolcpegq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowicjego.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowmcpmko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowpajcbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlowpcjafq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlyapajmbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlyeoc5gep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlygnazakp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlyomdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjlysmcjikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmiqicjwkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
 
EWIDO report part 4

C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmiuiczmfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmiwkd5ecp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmyalczgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmygldjmbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjmyqpd5keo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1gcpwc.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1iajmb.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1id5sc.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1jazcf.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1jcpwf.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1ocpkf.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1oczol.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1pcpah.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1pcpka.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjny-1sc5ah.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyahcjaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyajdzagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyancjcbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnycpdjcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyeidzcap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyencjado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyggazego.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnygkdzeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnygmczgfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnygpcjehq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyogd5weo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyohd5mdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyohdpmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyojdzgdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyokdzkbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyoldzcfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyond5afo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyondpofq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyqgd5sdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyshd5gho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyslc5igq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyukd5eco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyukdjwhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@e-2dj6wjnyuocjedp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\Cookies\greg@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\temp.cab/IExploreSkins.exe -> Adware.WebSearch : Error during cleaning
C:\Documents and Settings\Greg\Local Settings\Temp\temp.cab/toolbar.dll -> Adware.WebSearch : Error during cleaning
C:\Documents and Settings\Greg\Local Settings\Temp\toolbar.dll -> Adware.WebSearch : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~1968.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~481.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~640990.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~643567.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~654369.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~767.tmp -> Adware.Wintol : Cleaned with backup
C:\Documents and Settings\Greg\Local Settings\Temp\~889.tmp -> Adware.Wintol : Cleaned with backup
C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\18CCAB69-3973-485C-B751-D78CA8\A20100E8-AEE8-4F69-88D6-D51CA0 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A9F9233-A749-4FAC-8847-F364A9\468493ED-0179-45BC-AD90-CC6200 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A9F9233-A749-4FAC-8847-F364A9\EA45F2C2-FDF7-4DE3-BB9E-BEE18A -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\243CA0FC-9FF4-49CA-A233-2BC1A0\16D3D116-55FF-436F-A9C0-6DB2EC -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0286F81B-FFBA-4D62-BDA2-7A8FF3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\059A590D-0696-4313-8698-DF1665 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0763A2DD-AE23-4467-B66A-F91B3C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0917CE9C-3E2B-4483-976B-45F36E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0D32DE29-02A3-4263-8FF2-9D082B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0D78C13E-1BE9-471C-9FF9-463E54 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\121D098E-3B02-4D51-AB54-3B5CC0 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\137DF8B2-7CE1-42B1-861E-7865B3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14159592-A682-41A9-9CB3-D9C90B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14AAC346-00AC-4D72-A305-4F4EB2 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14DC3AC9-9DAC-43E8-B8F1-46F290 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\14E2891B-EF7D-44A2-995F-3DE085 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\15442497-7212-4A65-95C8-5A536C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\15A04505-1031-436C-9C54-20037D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1A3D1EA2-5E08-441D-B2FD-AF94BA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1B12E4AF-01FB-42C5-9773-AD4C42 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1F12E242-9A39-4526-A603-E82319 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\1F5F855B-3D86-45D5-B155-9F6970 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\213FBC7B-3534-4056-9B6E-E16EDD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\268DC284-5444-450C-82E9-F5B3CC -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\272DFEA5-5CA6-49DB-8A12-0C9FDE -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\27A36933-F650-478A-95D6-C95217 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2804A4DB-E8E2-4057-96AF-7B0879 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\29388388-1F72-4596-933F-8D2CD7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\29E8E2A9-B75A-4E20-A59A-ADCA1A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A20A73A-5A74-407C-9412-D9727D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A2DBB8E-2368-4937-BDF8-E47AEB -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A671B51-9AB3-4D13-9BAF-D93B75 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2A69AEEE-6C1B-4BD3-8B1B-56971A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2B3201D2-E9CD-416B-83D4-66B99C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2C71CA3E-23CC-404F-989D-ABDCD6 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2D96FF9E-2717-47C0-88DF-83C18F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2E76F829-A27F-45C0-9A35-3BC779 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\2ED25033-9209-4AC7-8556-AD32FE -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\32DE8930-FB25-4307-AA0C-0C5365 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\34C642DC-5AFA-4408-AE97-A979B3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3514AC16-CB06-4D95-9697-D193C7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\36408B06-BFE5-4C90-96FE-F8CB5C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\368F8E8B-9F97-4F97-AC36-29020B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\36D224CF-28DB-4930-9390-20811A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\390361CD-7063-44D2-8728-C85328 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3B899085-34E7-4636-BB0A-F8C1FD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3BDAE7A3-720C-492A-96A9-A35290 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3D0F19D5-C766-4930-84C6-9416ED -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\3DEEF038-AD8C-4439-BCA5-6ECD16 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\400EA1D1-B0BC-4A3F-B6CD-997DD5 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\41BA9C85-FC03-4FC9-8540-0854EF -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\44758C95-12EB-43B2-9F42-8F439F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\45A79E95-961B-47C9-B3F2-B417BE -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\45DAC858-1C42-425B-A826-60C442 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\477C2585-B69F-4572-99B0-283248 -> Adware.Wintol : Cleaned with backup
 
EWIDO report part 5

C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\47E43F31-62ED-43D0-87F8-5F48D4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\49E9F660-4422-4A40-B879-66666B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4C96AFDB-4055-4A20-9F5A-520D04 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4D3A00E0-7C60-4978-813C-22EC8C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4DDFCD8D-E733-445B-822F-0FEF54 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\4E7945EC-2D01-4E32-A9B8-BDA668 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\50CFC3C8-CC37-4618-883D-F37858 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\52D1E31D-0D3F-4D16-A357-FEFE0F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\52D2EDF6-3DD6-45A4-A621-DEA713 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\52EDB393-B4CA-43BF-9EBC-FE68DC -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\532B7F27-6D53-4559-81A2-0A8B50 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\533C9506-CEBA-47AC-908F-AAD15E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\580200DC-468B-494F-ACB9-37E2BD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\5A8DACFE-EAC9-4A6B-B89E-97A6BD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\5B5AEE74-6FE0-434B-AFB5-5FF020 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6202C330-DCC1-48A5-B7E6-240A3F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\63AE32C1-B6E6-46DA-8826-397360 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\641E1C4C-5553-4E8D-A18C-98C129 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6676D929-F2CE-489F-98ED-01FB01 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\69788D80-3680-40F7-A0B5-376A64 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6ADF4C13-1B89-4166-BD03-492D90 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6B9E155B-DAC7-4CEE-BA63-DB0710 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6E5B252E-013E-4D8D-80B3-6A8954 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6F88EE30-2AAA-44E2-9C0E-2DB448 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\6FC9CD98-FD52-41C8-9927-85E812 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\71D94D6C-852E-49F7-B70C-463D45 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\731EDD36-208C-44E2-95E7-147629 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\7586CF2B-13D4-4539-A7E9-E4EEF8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\776EA619-2A6E-403D-B7F9-2FFBE6 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\78F8841F-08F7-4831-B735-C80889 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\79170CC6-B7AD-44D4-B6D0-BDA14F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\79662380-E312-48CC-936F-EF4926 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\7A753088-292F-465C-A421-2B031F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\7FB80533-2402-4D4D-9F47-D986F8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\818CA52F-E09E-461A-9999-E4831C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\81B8830E-333B-45B0-81E2-1DF88B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\826D6EB6-CCD3-4507-BE6A-BFA61D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\83E7E752-541C-4EE3-87A0-A30B89 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8409DBEF-D51C-4815-A868-814CDB -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\84690ABB-EB35-495F-8565-CC3640 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\863F1A04-E8E3-428F-B48E-9CB188 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8746B259-CE55-46E4-BB11-B158C5 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\87586FD7-A827-4AD1-83FB-3B6B06 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8771ACB0-92A1-4C51-A442-65E8D2 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8B90A64A-2A12-43EA-8FC1-992C84 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8BCF2C79-3FFB-47A2-97AB-2B8AF3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8E029803-A778-4196-A2BA-60EBF3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8E580862-D139-4C82-8A3C-7D0430 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8EAEB917-6ADA-4B1A-8A56-E8EA51 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\8F17D36F-A554-48F3-A1CF-B4E2B0 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\91941C6A-2CD7-4BDE-807C-FD1E38 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\98F1A7F5-8AB1-4643-BF06-C9C975 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\997E6BE0-39C7-4929-8C08-B027CD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\99CFA38D-4EFC-4490-B03B-19497C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9AEF6989-52F0-4848-AAA2-CC6F40 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9AFE6A07-B3A2-4870-BFC4-EEA06D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9B100266-B3AF-425F-A8E3-176D64 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9BBCE5EE-C865-4F55-ADF5-3819A4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9D1FF42F-272A-43D5-BE03-9A59B8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9E3F0235-8720-4369-A6E8-E90BE3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9F0591F6-D767-4297-A4CB-A10AEF -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9FA2FC4B-15BA-4EA4-92EA-C5DA7F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\9FF3B219-E679-47AE-8C4E-56BD8E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\A01551E5-B6A0-4492-8A85-3A32F4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\A1F5B59B-2931-4D19-BFEC-775D41 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\A48C6EC7-3503-428A-B8A0-38C08A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\AB2565C9-70AE-4CBE-84C9-963E65 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\AB5AC0B6-190A-46D5-BB53-0C9E1C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\ACECB626-2DD2-4A2C-AEDC-547DAB -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\AD1824ED-EE64-46A8-9719-9CD773 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B1DB99D5-6B48-4F6D-A0B9-AF8CCA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B3245DD4-37DF-45BB-91E8-9DFED5 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B34586CA-A591-4644-817D-4C0C44 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B3EEADE8-5B63-46FE-B91B-18D510 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B45FD1BD-0B65-4AB3-BA5D-2CE3B8 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B58FD763-4A90-416E-B957-89CD4C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B6DF84FB-70B0-4E33-9675-AADC0E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\B9E5C50B-0D18-4017-8C62-594387 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BAA92BC8-00C0-48B6-A3FE-C9F635 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BBDEA276-5881-4D66-AE0E-2B762B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BE0F8CCB-C728-492D-850D-6D60BA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\BE3A19F0-53A6-4FAD-9D40-D7935E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C2956F60-62F3-4C37-BA55-7723B0 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C2A370FF-E366-474A-BFF8-6728F9 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C2A7861F-7AA9-4DFD-A749-955770 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\C7E8A27A-2A4E-43CE-8966-B2CCE0 -> Downloader.Wintool.a : Cleaned with backup
 
EWIDO report final part

C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CA3E9EA0-AFFB-41C7-9220-C58E7F -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CA73C2EB-AD68-4F29-B382-650F8D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CA8A831B-04C7-4814-8A09-3FEB7B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\CB576BDC-178D-44AE-9D40-0019A3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D1AE9005-452F-4379-AA1B-2422EA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D2BF998A-ECA7-44F8-936B-D8B954 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D3F76D3B-7217-42F8-B056-8ED58D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D7796E6A-15AB-4F8D-ABA2-D8FF6B -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\D874282E-CFF6-4FDA-9A8C-97DDFC -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DB8F0BC4-677D-486E-8262-5B2D4A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DBEB69D1-7229-43D8-87F1-9F6ABA -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DC7A5318-8272-4A05-A149-3517F3 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\DF3E1FC7-4EF0-4EC2-8480-AFE1AD -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E12B7ABF-7BD4-483E-BDCF-540990 -> Adware.Wintol : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E2F112E8-EBA5-4E8A-A037-CF8E51 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E3C31FFA-71C5-4A46-93A3-1531ED -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E6A3525B-85F5-4BFB-BD50-650543 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\E8AE84F9-3C38-47F6-A6F3-4A253D -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EB86E724-7B35-4D8E-B0A6-9C47E7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\ED2985E3-3C4E-4538-B77F-2DAED1 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EE8363E6-48B7-4D1E-9841-0C7EB4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EF004978-AC98-425D-AC27-E61F49 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\EFF76FF7-9B6E-41C3-878F-198930 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F0033AC2-17A5-4A9B-B347-13F851 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F261E760-1B94-48B2-9E4A-54BA82 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F4FD8611-8A36-4872-8586-191699 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F765939D-3194-40FC-B7F9-02B5D7 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\F8CF2C7E-A912-4376-86F8-0C3D0A -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\FD83FD89-C199-4F00-AD3A-65B98E -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\FF9308F5-63CB-4C27-84D0-247DE4 -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\11CD829D-0850-4295-AD02-99A0E3 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\3DB70F1D-B56C-4DC2-A38A-18D1DE -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\AE293A15-4392-415F-9970-00BA1B -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\B6D04303-51D6-47D9-8CA2-8D2746 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\47493A9B-2A93-405A-A11E-834E07\C708A48B-7BF9-4D4F-B51B-63C778 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4CAD9FB4-AD03-4992-B7CA-234EAC\0E4AEC04-75B2-4B30-BF24-14E818 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4CAD9FB4-AD03-4992-B7CA-234EAC\37E45A89-3AA3-48F8-90FD-E230ED -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\74C7E466-D091-45E8-BE3F-8E2AC5\AD61021D-335F-410C-8390-649C31 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\74C7E466-D091-45E8-BE3F-8E2AC5\E1C021E5-8E70-4336-AF40-6AB5E4 -> Adware.Look2Me : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\05C0EECF-5456-430C-9AA4-309A97 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\2B8DE750-60C1-4807-A82E-BB98E3 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\4B031ED9-800D-49BC-83E1-A6BFAE -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\613C1A35-FE4E-47E9-B276-D4BA48 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\77F2C2B7-160F-425A-A8EA-DB5DE9\907DA78A-1365-4B3D-AABD-AEEF2A -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\781DEC3D-8BB0-4150-8A24-6600D2\15ACF2AB-BAC4-4C45-B4C3-74D68A -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\781DEC3D-8BB0-4150-8A24-6600D2\77545FD0-DCBD-4E80-A119-CD1A4B -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\83DC4FA6-213D-42E7-A112-9A9351 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\D3BF2D4E-4143-48E6-88D5-0A7371 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\F7329EB1-A27D-4E01-8B6B-4D4D29 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98A99A0E-8333-4517-89A4-F94075\F7877119-C9BF-4D87-98E5-EDA7E3 -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\D60F5833-6E18-4311-B263-60A26F\2B7BF724-0B23-49C7-9858-608D33 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\D60F5833-6E18-4311-B263-60A26F\C0AA7DFB-FF49-40D0-B3D0-3365A8 -> Adware.Ucmore : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\26C5ED4D-B79B-4A9A-93AE-39C83C -> Downloader.Wintool.a : Cleaned with backup
C:\Program Files\NewDotNet -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\rdso\eetu.exe -> Downloader.PurityScan.br : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050235.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050236.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050251.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050290.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0050962.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051028.exe -> Hijacker.VB.kc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051029.exe -> Downloader.VB.vr : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051041.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051045.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051058.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0051062.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051175.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051176.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051207.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP756\A0051211.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051232.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051233.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051285.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051300.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051307.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051332.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051336.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051355.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051359.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051379.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\mtuninst.exe -> Adware.MediaTickets : Cleaned with backup
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\SYSTEM32\hwtw.dll -> Adware.PurityScan : Cleaned with backup
C:\WINDOWS\SYSTEM32\l28m0cl1efq.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\SYSTEM32\l48m0el1ehq.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\SYSTEM32\WJ2TOPL.DLL -> Adware.Look2Me : Cleaned with backup


::Report End
 
hi

open hijackthis, click do a system scan only
checkmark these items:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {529D7BBE-E059-CEDF-2A06-B8CE6BBFE2BD} - C:\WINDOWS\System32\hwtw.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt ndrv
O4 - HKCU\..\Run: [Whfag] C:\WINDOWS\System32\??stem\msconfig.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: *.adextension.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: *.proben.nu (HKLM)
O15 - Trusted Zone: *.snet.ms (HKLM)
O15 - Trusted Zone: *.snet.tc (HKLM)
O15 - Trusted Zone: *.snipernet.biz (HKLM)
O15 - Trusted Zone: *.snipernet.us (HKLM)
O15 - Trusted Zone: *.sxload.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)

then close all browsers and other windows, leaving only hijackthis running

and click fix checked

reboot

post a fresh hjt log
 
New HJT log

Logfile of HijackThis v1.99.1
Scan saved at 5:32:30 PM, on 2/9/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
 
Newer HJT log

I noticed that trusted site zangocash was not gone from last HJT log so scanned again, checked that box, rebooted, ran a new HJT log to make sure that was gone, and it is. Beth~

Logfile of HijackThis v1.99.1
Scan saved at 9:11:37 PM, on 2/9/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
 
hi

the log is starting to look quite good ;)

lets still do a virus scan:
Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    • Extended (if available otherwise Standard)
    • Scan Options:
    • Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    • Select My Computer
  • This will start the program and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
 
kaspersky scan report

Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\

Scan Statistics
Total number of scanned objects 103147
Number of viruses found 20
Number of infected objects 37
Number of suspicious objects 0
Duration of the scan process 01:44:02

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped

C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped

C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped

C:\Documents and Settings\Beth\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1e3b1005-369c71d6.zip ZIP: infected - 3 skipped

C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0EA07990-8837-413B-B60B-D3FBA0 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped

C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\65A57762-F6E1-4C85-9137-44F8C5 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped

C:\RECYCLER\S-1-5-21-519925110-2557909422-4240004532-500\Dc1\eetu.exe Infected: Trojan-Downloader.Win32.PurityScan.bs skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050113.scr Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050114.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050115.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.z skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050116.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050117.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050118.SCR Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050119.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.v skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050120.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050121.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050122.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050123.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050124.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.f skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050125.DLL Infected: not-a-virus:AdWare.Win32.IWon.a skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050126.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050127.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050128.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ad skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050130.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ab skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050131.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050133.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050167.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050168.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050169.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050170.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050171.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050172.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050189.exe Infected: Trojan-Clicker.Win32.VB.lb skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050201.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051329.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped

C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped

C:\WINDOWS\SYSTEM32\oins.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.r skipped

Scan process completed.
 
hi

delete this file
C:\WINDOWS\SYSTEM32\oins.exe

clear java's cache:
Your scan showed one of more viruses in your Sun Java Runtime Environment (JRE) cache. Delete those by clearing the JRE cache.
To clear the Java Runtime Environment (JRE) cache:
  • Click Start > Control Panel.
  • Double-click the Java icon in the control panel.
    -The Java Control Panel appears.
  • Click Settings under Temporary Internet Files.
    -The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    -The Delete Temporary Files dialog box appears.
    -There are three options on this window to clear the cache.
    • Delete Files
    • View Applications
    • View Applets
  • Click OK on Delete Temporary Files window.
    -Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click OK on Temporary Files Settings window.
  • Close the Java Control Panel
You can view those instructions along with graphics Here

reboot

post a final hijackthis log thank you

also tell me if there still are problems
 
fresh HJT log

Here is the new HJT log. All of the pop ups are gone, the only thing is when my Microsoft antispyware runs every night, it still finds and then cleans Surfsidekick. It keeps coming back. Beth~

Logfile of HijackThis v1.99.1
Scan saved at 10:29:58 AM, on 2/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
 
microsoft antispyware report

It seems like I might have gotten it taken care of, there was this file on my computer
C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe

I tried to search for it and delete it, but it couldn't be found, so I used the pocket killbox program to delete it, and since I deleted it yesterday surfsidekick is no longer found. Here is a fresh HJT log, along with an ewido and kaspersky scan. Beth~

Logfile of HijackThis v1.99.1
Scan saved at 5:11:33 PM, on 2/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Documents\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - file://D:\Installers\AuthorwareWebPlayer\awswax.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139241753859
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe


---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 5:12:57 PM, 2/13/2006
+ Report-Checksum: D1D94848

+ Scan result:

C:\!KillBox\UWFX6_0001_N68M2301NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-519925110-2557909422-4240004532-500\Dc1\eetu.exe -> Downloader.PurityScan.bs : Cleaned with backup


::Report End

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, February 14, 2006 5:06:47 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 14/02/2006
Kaspersky Anti-Virus database records: 176685
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 100779
Number of viruses found: 20
Number of infected objects: 35
Number of suspicious objects: 0
Duration of the scan process: 02:05:05

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Beth\Local Settings\Temporary Internet Files\Content.IE5\GXI3GLYZ\index[1].php Infected: Trojan-Downloader.HTML.Agent.ae skipped
C:\Program Files\Microsoft AntiSpyware\Quarantine\254C07D5-CDA4-4B01-BEEB-5887E2\0EA07990-8837-413B-B60B-D3FBA0 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\Program Files\Microsoft AntiSpyware\Quarantine\E06C92E2-20AE-4D82-88EC-271FEF\65A57762-F6E1-4C85-9137-44F8C5 Infected: not-a-virus:AdWare.Win32.Wintol.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050113.scr Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050114.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050115.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.z skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050116.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050117.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050118.SCR Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050119.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.v skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050120.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050121.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050122.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050123.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050124.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.f skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050125.DLL Infected: not-a-virus:AdWare.Win32.IWon.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050126.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050127.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050128.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ad skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050130.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.ab skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050131.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050133.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050152.dll Infected: not-a-virus:AdWare.Win32.DownloadWare.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050167.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050168.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050169.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050170.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050171.EXE Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050172.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050189.exe Infected: Trojan-Clicker.Win32.VB.lb skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0050201.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.p skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0051329.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP793\A0054525.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.r skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054629.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP796\A0054630.exe Infected: Trojan-Downloader.Win32.PurityScan.bs skipped

Scan process completed.
 
hi

Download System Security Suite here:System Security Suite Download & Tutorial. Unzip it to your desktop. Install the program. Don't use it yet.

Reboot into SafeMode by tapping F8 key repeatedly at bootup: Starting your computer in Safe mode

With all windows and browsers closed.
Clean out temporary and Temporary Internet Files.
A. Open System Security Suite.
B. In the Items to Clear tab select for cleaning:
- Internet Explorer (left pane): Cookies & Temporary files
- My Computer (right pane): Temporary files & Recycle Bin
Press the Clear Selected Items button.
Close the program


Open Internet Explorer, and click on the Tools menu and then Internet Options. At the General tab, which should be the first tab you are currently on, click on the Delete Files button and put a checkmark in Delete offline content. Then press the OK button.


reboot

do another kaspersky scan, post the results

most of the malware was in system restore, we will get rid of them once we're through :)
 
You must log in or register to reply here.
Back
Top