I've read some of the other topics regarding this issue and I hope someone can help me with this hijackthis log. Please let me know if I need to post more information. Thanks!

Logfile of HijackThis v1.99.1
Scan saved at 1:29:55 AM, on 6/4/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SYSTEM32\ZoneLabs\minilog.exe
C:\Updater.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\pop06ap2.exe
C:\WINDOWS\System32\nodeipproc.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Lori Duck\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.roxio.com/dell/qd9ci8f.jhtml
F1 - win.ini: run=C:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\info32.exe
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\ifaql.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,tbhtwkt.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: web compressor - {23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92} - C:\WINDOWS\System32\nsc22F.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Tapicfg.exe] \tapicfg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [mswspl] C:\Program Files\Windows Media Player\wmplayer.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pop06ap] C:\WINDOWS\pop06ap2.exe
O4 - HKLM\..\Run: [nodeipproc] C:\WINDOWS\System32\nodeipproc.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [sccbase] C:\WINDOWS\System32\sccbase.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - Global Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt0_x.cab
O16 - DPF: Yahoo! NFL GameChannel StatTracker - http://aud16.sports.sc5.yahoo.com/java/y/nflgcst1010_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt0_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab
O16 - DPF: Yahoo! Sheepshead - http://download.games.yahoo.com/games/clients/y/dt0_x.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - ms-its:mhtml:file://c:\nesuned.mht!http://adgate.info/zscript/dra.chm::/3138302D2D2D.exe
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} (PopCapLoaderCtrl Class) - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O19 - User stylesheet: (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\minilog.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

Are you having problems or are you just curious to see what you should not have or should not be running?

I'm having a problem with click2begin. It pops up regularly with new searches. I've run SpyBot and SpyWare Blaster, but it keeps coming back. I've looked around a little and it looks like this HijackThis program is good for getting rid of it, so I just need to know what to get rid of to stop click2begin (and I guess to see if there's anything else that's a red flag).

Thanks!

try this

1. Download Ewido and install
Ewido Security Suite. It is a free trial version of the program:

http://www.ewido.net/en/download/

2. Install ewido security suite
3. Launch ewido, there should be an icon on your desktop double-click it.
4. The program will now go to the main screen

You will need to update ewido to the latest definition files.

1. On the left hand side of the main screen click update
2. Then click on Start Update

The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use Ewido manual updates

once you have ewido and are updated start hjt:

scan with HJT, put a checkmark beside the items below, close all windows and click fix checked.

O2 - BHO: bitlocker - {01EB5130-FC0C-4d75-B9CE-4801B1B854F5} - C:\WINDOWS\system32\nsh7.dll

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZN

O9 - Extra button: Point Alert - {67B50696-04BA-48ea-A697-28AA0EAA9C26} - file://C:\Program Files\MyPoints_PointAlert\Sy800\Tp800\scri800a.htm (HKCU)

i would print or copy this to notepad so yopu can read it in safe mode
after using hjt, reboot computer into safe mode, you reach safe mode by tapping the f8 key during a reboot, chose the first option. once in safe mode run ewido.
ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
When the scan is finished, click the Save report button at the bottom of the screen.
Save the report to your desktop.

run spybot in safe mode.
also do this:

Click Start>Run then type %temp%
Hit OK. Delete all the files you can.

Empty your Temp folders. Go to Start > Run and type:cleanmgr. Windows will scan. When done check these 3 and press *ok* to remove:

Temporary Files
Temporary Internet Files
Recycle Bin
-------------------------------------
reboot computer normally, rescan and post a new hjt log and the saved ewido log in next reply...........

Thanks, I'll let you know what I find out.

Here's my hjt log:

Logfile of HijackThis v1.99.1
Scan saved at 1:41:45 PM, on 6/4/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Updater.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\nodeipproc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\Netropa\OSD.exe
C:\WINDOWS\System32\ifaql.exe
C:\WINDOWS\System32\ifaql.exe
C:\WINDOWS\System32\ifaql.exe
C:\WINDOWS\System32\ifaql.exe
C:\WINDOWS\System32\ifaql.exe
C:\WINDOWS\System32\ifaql.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\WINDOWS\System32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\ZoneLabs\MINILOG.EXE
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.roxio.com/dell/qd9ci8f.jhtml
F1 - win.ini: run=C:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\info32.exe
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\ifaql.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,tbhtwkt.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: web compressor - {23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92} - C:\WINDOWS\System32\nsc22F.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [mswspl] C:\Program Files\Windows Media Player\wmplayer.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nodeipproc] C:\WINDOWS\System32\nodeipproc.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [sccbase] C:\WINDOWS\System32\sccbase.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [nktfn] C:\WINDOWS\System32\rvjmlf.exe reg_run
O4 - Global Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Global Startup: kduns.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.mmohsix.com
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt0_x.cab
O16 - DPF: Yahoo! NFL GameChannel StatTracker - http://aud16.sports.sc5.yahoo.com/java/y/nflgcst1010_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt0_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab
O16 - DPF: Yahoo! Sheepshead - http://download.games.yahoo.com/games/clients/y/dt0_x.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - ms-its:mhtml:file://c:\nesuned.mht!http://adgate.info/zscript/dra.chm::/3138302D2D2D.exe
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} (PopCapLoaderCtrl Class) - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O19 - User stylesheet: (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\minilog.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe


and the ewido one:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:50:07 AM, 6/4/2006
+ Report-Checksum: B89084F9

+ Scan result:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Adware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\media-motor -> Adware.MediaMotor : Cleaned with backup
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\2nd -> Adware.SecondThought : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\2nd\Client -> Adware.SecondThought : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire\MusicMatch -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire\MusicMatch\Browser -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire\MusicMatch\Faceplate -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire\MusicMatch\History -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire\MusicMatch\Resources -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire\MusicMatch\Stations -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Hiwire\MusicMatch\WebUpdate -> Adware.HiWire : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-917563655-2163411867-2876842818-1006\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup
[696] C:\WINDOWS\System32\xdimdnf.dll -> Downloader.Qoologic.bj : Cleaned with backup
C:\command.exe -> Dropper.Delf.ev : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\default.mgf\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Lori Duck\Application Data\Mozilla\Firefox\Profiles\Freckles Brown\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ads.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ads05.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ads08.bpath[2].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@ads43.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@axa.addcontrol[2].txt -> TrackingCookie.Addcontrol : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@banner.casinoking[1].txt -> TrackingCookie.Casinoking : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@banner.casinolasvegas[2].txt -> TrackingCookie.Casinolasvegas : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@c1.zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@casinolasvegas[1].txt -> TrackingCookie.Casinolasvegas : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@cornerstone.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@coxhsi.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@data3.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wfkiaoc5mbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wfkygpdzodo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wjkyaicjkdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wjkyulajmlp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wjlichcjkdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wjlosjdpmcp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wjlygmczigq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wjlykkc5ihp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Lori Duck\Cookies\lori duck@e-2dj6wjmykpazoho.stats.esomniture[2].txt -> Tr

wow

impressive, huh?

Not Really... Dude you got some serious problems...

1. Since you have No AntiVirus protection you really need to get some...
Go to Avast and download their free 4 Home version. http://files.avast.com/iavs4pro/setupeng.exe
Install this after you run the HouseCall Online Scanner from the next step.

Go to Trend Micro and run their HouseCall virus scanner http://www.trendmicro.com/hc_intro/default.asp
Clean up everything it finds, rebooting if necessary.

2. After the HouseCall is done install Avast and follow the onscreen instructions to scan your computer.

3. As far as Hijack this Goes... Major problems with your OS...

Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
You need to install windows updates after your done or all of this is just a waste of time...

Remove EVERYTHING in the list below...

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.roxio.com/dell/qd9ci8f.jhtml

(Serious Trojans)
F1 - win.ini: run=C:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\info32.exe
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\ifaql.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,tbhtwkt.exe
O2 - BHO: web compressor - {23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92} - C:\WINDOWS\System32\nsc22F.dll (file missing)
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [mswspl] C:\Program Files\Windows Media Player\wmplayer.exe
O4 - HKLM\..\Run: [nodeipproc] C:\WINDOWS\System32\nodeipproc.exe
O4 - HKCU\..\Run: [sccbase] C:\WINDOWS\System32\sccbase.exe
O4 - HKCU\..\Run: [nktfn] C:\WINDOWS\System32\rvjmlf.exe reg_run
O4 - Global Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Global Startup: kduns.exe
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)

(Dangerous)
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.mmohsix.com


O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt0_x.cab
O16 - DPF: Yahoo! NFL GameChannel StatTracker - http://aud16.sports.sc5.yahoo.com/java/y/nflgcst1010_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt0_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab
O16 - DPF: Yahoo! Sheepshead - http://download.games.yahoo.com/games/clients/y/dt0_x.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - ms-its:mhtml:file://c:\nesuned.mht!http://adgate.info/zscript/dra.chm::/3138302D2D2D.exe
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} (PopCapLoaderCtrl Class) - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O19 - User stylesheet: (file missing)

After all that, You'll probably need a reboot again... Then make sure your SpyBot is updated and run it again...

Install Ad-Aware -> http://www.download.com/Ad-Aware-SE-Person...tml?tag=lst-0-1

And run it as well...

Then repost the HJT log again...

Yeah, I didn't really realize it was as bad as it was until I saw that. I didn't really know what it all meant, but I thought it was bad that it was soo long.



I wasn't able to do all of this in order. Maybe I'm just too impatient. I downloaded avast and then ran the housecall thing, but it wouldn't finish. So I went back to avast and ran that. When I'd reboot my computer it would run the scan but it got stuck scanning the same file twice. It seemed like a pretty innocent file, but what do I know?! Anyway, I ran avast from windows and it kept on showing me all of these warnings about the same 5 or 6 trojan horse files so after a while I decided to go ahead and run hjt and have it fix those things that you listed.



I haven't gotten to the rest of this yet, but after running the hjt thing, the constant avast warnings have stopped. Avast is still scanning but I've got to hit the sack. Tomorrow I'll be installing ad-aware and windows updates and then I'll run spybot and hjt and repost the hjt log again.

I really do appreciate all the help. As you can guess, I'm not too savvy on the security stuff. I thought ZoneAlarm was doing a pretty good job.

OK, I updated SpyBot, ran it, DLd Ad-Aware, ran it and here's my new HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 1:19:29 PM, on 6/5/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\minilog.exe
C:\Updater.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\minilog.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe


Like I said before. Click2Begin is no longer a problem, but I want to make sure I'm getting my computer as clean as it needs to be. Also, how often should I run the new programs I have now?

Looks Good TopDawg!
Good to hear click2begin is gone, and by the way Welcome to 4Peeps!

The two Avast lines that read:
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Are not really missing, it's just HJT has a problem with "Service" lines that have a "/" data parameter after them, if you check they should be in the Avast directory.

One line does concern me from the latest HJT log and that is the:
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,userinit.exe

The line will not cause you any trouble but it shows up as a warning in HJT... To fix it it's real easy...

Run Regedit and goto:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
In there on the right hand side you should see a line:

[ab]Userinint REG_SZ C:\WINDOWS\system32\Userinit.exe,userinit.exe

Just double click the key and remove the second userinit.exe but leave the comma there so it looks like this:

[ab]Userinint REG_SZ C:\WINDOWS\system32\Userinit.exe,

Then it will not show up in HJT again...

Avast will run all the time in the background scanning files as it goes, it should auto update as well...
You can merge the two avast icons in your systray together by right clicking the little blue ball with the i in it and select merge with main avast icon.

If you switch over to Firefox as your web browser you'll probably never run SpyBot and Ad-Aware again...
Go to http://www.mozilla.com and install Firefox as your default browser...

Also if you use Outlook Express for email then grab Thunderbird http://www.mozilla.com/thunderbird/ as well and use it as your email program...

If you stick with Internet Explorer then I'd update & run them at least once a week depending on your web surfing...

The spyware today are harder to get rid of than the viruses are...

Thank you, I really appreciate all your help.



Done.




We had been using Firefox but then it just stopped working so I slipped back into IE. I didn't think it'd be that big a deal. Apparently it was. Oops! I'm typing this using Firefox.

Thanks again for all the time and help. I'm truly appreciative. This is a great service.

Your welcome TopDawg, glad I could help.