View Full Version : infected again! help with hjt please


bgjon5
04-12-2008, 08:46 PM
Hello, me again. I have been getting various redirects when using my search engines, such as abcsearch.com etc. Not sure what I did, but I assume it was something I shouldn't have or I wouldn't be here once again. Anyways, here is my hjt file.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:42, on 2008-04-12
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Atheros\ACU.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Jon Sadler\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Assist Launcher] ; C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] ; C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] ; C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] ; "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [RtHDVCpl] ; RtHDVCpl.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [DebutUninstall] cmd.exe /C rmdir /S /Q "C:\Program Files\NCH Software\Debut"
O4 - HKLM\..\RunOnce: [DebutUninstall2] cmd.exe /C rmdir /Q "C:\Program Files\NCH Software"
O4 - HKLM\..\RunOnce: [DebutUninstall3] cmd.exe /C rmdir /S /Q "C:\Users\Jon Sadler\AppData\Roaming\Program Files\Debut"
O4 - HKLM\..\RunOnce: [DebutUninstall4] cmd.exe /C rmdir /Q "C:\Users\Jon Sadler\AppData\Roaming\Program Files"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols3beta/fscax.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8900 bytes

bgjon5
04-16-2008, 05:06 AM
Has anybody had a chance to look at this for me?

classicsoftware
04-17-2008, 08:33 AM
Please read the instructions here (http://www.bleepingcomputer.com/combofix/how-to-use-combofix) and post back with a combofix log and a new HJT Log.

bgjon5
04-17-2008, 12:55 PM
ComboFix 08-04-16.5 - Jon Sadler 2008-04-17 11:43:52.3 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.390 [GMT -4:00]
Running from: C:\Users\Jon Sadler\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\x64

.
((((((((((((((((((((((((( Files Created from 2008-03-17 to 2008-04-17 )))))))))))))))))))))))))))))))
.

2008-04-17 11:14 . 2007-04-12 13:58 532,480 --a------ C:\Windows\System32\tmp6CC.tmp
2008-04-13 02:43 . 2007-10-18 09:51 172,032 --a------ C:\Windows\System32\igfxres.dll
2008-04-12 13:17 . 2008-04-12 13:17 <DIR> d-------- C:\Users\Jon Sadler\AppData\Roaming\Recordpad
2008-04-12 13:17 . 2008-04-12 13:17 <DIR> d-------- C:\Users\Jon Sadler\AppData\Roaming\NCH Swift Sound
2008-04-12 13:17 . 2008-04-12 13:19 <DIR> d-------- C:\Users\All Users\NCH Swift Sound
2008-04-12 13:17 . 2008-04-12 13:28 <DIR> d-------- C:\Users\All Users\NCH Software
2008-04-12 13:17 . 2008-04-12 13:19 <DIR> d-------- C:\ProgramData\NCH Swift Sound
2008-04-12 13:17 . 2008-04-12 13:28 <DIR> d-------- C:\ProgramData\NCH Software
2008-04-12 13:17 . 2008-04-12 13:31 <DIR> d-------- C:\Program Files\NCH Swift Sound
2008-04-12 13:14 . 2008-04-12 13:31 <DIR> d-------- C:\Program Files\NCH Software
2008-04-11 11:33 . 2008-04-11 11:33 <DIR> d-------- C:\fixwareout
2008-04-09 08:50 . 2008-02-14 19:19 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-09 08:50 . 2008-02-19 01:10 620,088 --a------ C:\Windows\System32\ci.dll
2008-04-09 08:50 . 2008-02-29 02:39 371,712 --a------ C:\Windows\System32\srcore.dll
2008-04-09 08:50 . 2008-02-29 02:38 313,856 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 08:50 . 2008-02-29 02:39 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 08:50 . 2008-02-29 02:51 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 08:50 . 2008-02-29 02:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 08:50 . 2008-02-29 02:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
2008-04-09 08:50 . 2008-02-29 02:35 6,656 --a------ C:\Windows\System32\kbd106n.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-17 15:37 --------- d-----w C:\ProgramData\Lx_cats
2008-04-17 15:18 --------- d-----w C:\Program Files\Lexmark Fax Solutions
2008-04-17 15:15 --------- d-----w C:\Program Files\Lexmark 3500-4500 Series
2008-04-10 13:30 --------- d-----w C:\Program Files\Windows Mail
2008-03-24 13:24 --------- d-----w C:\Program Files\Java
2008-03-20 22:44 --------- d-----w C:\Users\Jon Sadler\AppData\Roaming\FileZilla
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-14 22:41 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 22:41 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 22:41 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 22:40 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 22:40 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 22:40 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 22:40 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-14 22:40 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 22:40 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 22:40 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 21:43 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 21:37 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 21:36 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-08-30 07:14 174 --sha-w C:\Program Files\desktop.ini
2008-01-09 18:18 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-09 18:18 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-09 18:18 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-03-27 15:22 4670968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-11-22 03:29 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-11-22 03:29 7757824]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-11-22 03:29 81920]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-22 23:00 815104]
"Acer Tour"="" []
"eRecoveryService"="" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 06:06 79224]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 14:07 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 08:40 20480]
"FaxCenterServer"="C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 14:10 312240]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Acer Assist Launcher"="C:\Program Files\Acer Assist\launcher.exe" [2006-12-04 17:05 1261568]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [ ]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-11-28 07:14 614400]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2006-11-18 09:57 151552]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 02:13 4018176 C:\Windows\RtHDVCpl.exe]
"ACU"="C:\Program Files\Atheros\ACU.exe" [2006-08-10 00:20 344187]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-10-18 10:19 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-10-18 10:18 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-10-18 10:18 133656]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2006-10-19 10:12 258048 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=C:\Windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-04-12 09:11 1006264 C:\Program Files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-03-27 15:22 4670968 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

bgjon5
04-17-2008, 12:56 PM
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{B1DA0016-8B11-4DE9-863A-F82C942F386C}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{447757BC-B800-41FB-816C-387EBF32A5D1}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{C60B0EEF-97ED-4666-9F09-2A82A97FA35E}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{D1EF433A-7B4D-429A-98E1-69B57A8FD2DA}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{055C7796-510A-406E-A497-B4B0E0EC1AA3}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{127CCFF9-82EB-43B8-BD5C-4EDD0FD3B5B7}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{0D00E2D0-798A-46F7-AA98-EEC265AE5537}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{F1A85646-8379-4B02-AF7F-6F29B374B64F}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{EEBE6F97-1369-48EA-8638-7BE455218F3D}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{0DA2CE83-FCE2-4A73-93B1-E0AD70F0D7DC}"= UDP:C:\Windows\System32\lxdicoms.exe:Lexmark Communications System
"{21F680AE-E896-4FC5-AA77-5880D7822C96}"= TCP:C:\Windows\System32\lxdicoms.exe:Lexmark Communications System
"{64E74182-2DC3-4F54-834E-B73F7960C081}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{E78E222B-8E04-4CC0-B249-9BDFBE3B2EAC}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{7709658A-2173-44D9-B14D-E8D3A47B9473}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{554945D4-F4A4-4D0B-BA0C-D58FE34A4FF6}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{9899F9C5-439C-4F9B-A05C-6D14F3A93A01}"= UDP:C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{F2F92B0E-60A8-4DF6-B9D0-7DC87017B01C}"= TCP:C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{7A01C739-7EC3-475A-AF81-11DB68E96D27}"= UDP:C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:Fax software
"{605F22B6-AD32-4505-9CC1-259C59919DA3}"= TCP:C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:Fax software
"{065B0182-4B85-4BF4-A2A5-78F6D2397126}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
"{7EAFBA7E-65EF-4151-AF56-7DA1E055722E}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
"{0C41DBD0-77FD-4924-8066-433A8A9A9A2C}"= UDP:C:\Users\Jon Sadler\AppData\Local\Temp\lxdi\wireless\ENGLISH\lxdiwpss.exe:
"{61FBB132-34D0-457D-9903-5978E962CEEB}"= TCP:C:\Users\Jon Sadler\AppData\Local\Temp\lxdi\wireless\ENGLISH\lxdiwpss.exe:
"{2618DE86-C434-4942-AB2E-78424A291B72}"= UDP:C:\Windows\System32\lxdicfg.exe:Printer Communication System
"{F7ACCD90-C641-43C2-B598-8DFC0B41088C}"= TCP:C:\Windows\System32\lxdicfg.exe:Printer Communication System
"{E0EB7B9C-0CFF-43D8-9062-29806CF84E35}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window Interface
"{561947D2-AF81-451C-BA8D-A688B810E756}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window Interface
"{3E778766-E62B-41B2-83C1-5D74178228F4}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxditime.exe:Lexmark Connect Time Executable
"{D2B9E928-F06B-4FD8-9BA4-E2238DDF195A}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxditime.exe:Lexmark Connect Time Executable
"{2BD6A42B-0D9B-4621-996B-B605120255E1}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxdijswx.exe:Job Status Window Interface
"{37282D5D-D783-48D3-838F-630BA93A21E5}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxdijswx.exe:Job Status Window Interface
"TCP Query User{67905405-611A-4FE8-9016-9C9EB1AAABAE}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{25966FAF-A802-46DC-B505-FB8DFAFFD53B}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{430F3BDD-5BE8-44B6-B42F-1AE79AE8A42A}C:\\users\\jon sadler\\desktop\\blim\\blim.exe"= UDP:C:\users\jon sadler\desktop\blim\blim.exe:blim.exe
"UDP Query User{840256BB-A45E-4883-9834-E9D138869429}C:\\users\\jon sadler\\desktop\\blim\\blim.exe"= TCP:C:\users\jon sadler\desktop\blim\blim.exe:blim.exe
"{5027CB56-012B-4C32-B7CC-83BF2B62F663}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe:
"{6D6B49CF-9925-4C90-924D-8EE2CF8B3218}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe:
"{A6BF8BFA-D06C-444A-B1A1-4DE9189E0837}"= UDP:86:BroadCam Web Server
"{93EFCB93-9C1A-4A27-8458-8829BE68202D}"= UDP:C:\Windows\System32\lxdicoms.exe:Lexmark Communications System
"{26BF3E99-5E21-4495-9A4F-409A5E05434D}"= TCP:C:\Windows\System32\lxdicoms.exe:Lexmark Communications System
"{8B3E313E-2DE0-428C-8A42-8A17530316A7}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window
"{272BA938-FCA5-4339-B684-96D63615C90E}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window
"{D0E18049-E816-4847-AD7B-1F02D9C74C2F}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{443477DF-AE34-469A-9EDC-397EF2F597E7}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{95CFCA47-9030-4F68-899C-631C45BD035C}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{C24CB57C-ADD3-4C74-ADF0-FEA714BACDB6}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{904872E0-A8AE-4968-909A-2E6B0DD803FF}"= UDP:C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{716965DA-AD00-4E74-B33E-A882D08949B3}"= TCP:C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{8B808F8C-D3E8-49BA-B2E8-1F1AD3F67252}"= UDP:C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:Fax software
"{B3123A81-8203-47D3-9EF5-C136483F14AE}"= TCP:C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:Fax software

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R2 {2FF8D163-C3C2-46ce-BD8D-D85AC1BC56DD};{2FF8D163-C3C2-46ce-BD8D-D85AC1BC56DD};C:\Program Files\Acer\Acer Arcade\[u]0[/u]00.fcl [2006-11-18 09:57]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-09-06 06:02]
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 22:43]
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-13 01:13]
R2 lxdi_device;lxdi_device;C:\Windows\system32\lxdicoms.exe [2007-04-26 11:38]
R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe [2007-04-26 11:38]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 16:57]
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2006-12-01 11:34]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 05:39]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2007-12-11 02:32]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-10-18 10:05]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 03:30]
S3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 19:44]
S3 WSIMD;wsimd Service;C:\Windows\system32\DRIVERS\wsimd.sys [2006-06-02 13:52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7104b8b2-b112-11db-9f34-806e6f6e6963}]
\shell\AutoRun\command - E:\Setup.EXE

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-17 11:48:27
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-17 11:50:07
ComboFix-quarantined-files.txt 2008-04-17 15:49:51

Pre-Run: 9,189,724,160 bytes free
Post-Run: 9,103,552,512 bytes free
.
2008-04-16 13:34:48 --- E O F ---

bgjon5
04-17-2008, 12:58 PM
HJT

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:58, on 2008-04-17
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Atheros\ACU.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Jon Sadler\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Assist Launcher] ; C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] ; C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] ; C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] ; "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [RtHDVCpl] ; RtHDVCpl.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-53645587-2199183222-1866024990-501\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Guest')
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols3beta/fscax.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8535 bytes

classicsoftware
04-17-2008, 09:42 PM
So, how is the system running? Are you dual booting this system?

bgjon5
04-17-2008, 11:15 PM
Still getting the search redirects during searches.

classicsoftware
04-18-2008, 01:19 AM
Download AVG Anti-Spyware from HERE (http://www.ewido.net/en/download/)
Install AVG Anti-Spyware
Double-click the icon on Desktop to launch AVG Anti-Spyware
You will need to update AVG Anti-Spyware to the latest definition files.
On the top of the main screen click Shield and then [active] to change it to inactive
On the top of the main screen click Update and then Start Update.
Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then select "Quarantine".


Close ALL open Windows / Programs / Folders. Run AVG Anti-Spyware with its updated definitions: (...it's important that all windows must be closed)

* Click Scanner and then the Scan tab
* Click Complete System Scan to begin scanning.

Once the scan is complete do the following:
* If you have any infections you will be prompted, then select "Apply all actions"
* Once finished, click the Save report button, then click Save Report As and save it to your Desktop. (make sure to remember where you saved that file, this is important).

Close AVG Anti-Spyware and Reboot.

Post the logs and let me know how things seem to be running...

bgjon5
04-18-2008, 01:45 PM
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:39 2008-04-18

+ Scan result:




bgjon5
04-18-2008, 01:46 PM

bgjon5
04-18-2008, 01:46 PM


::Report end

bgjon5
04-18-2008, 01:47 PM
Seems to be working ok, I have not had any redirect problems yet.

classicsoftware
04-18-2008, 04:57 PM
OK, keep me posted.....