Virus sending e-mail

[ballrd]

The other day, I noticed that my yahoo e-mail account sent messages by itself to some people on my contact lists.  The e-mail included a link to another website.  Did this happen because of a virus and if so, how do I get rid of it?

[SuperDave]

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
•Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.

================================

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

=========================

Please download: HiJackThis to your Desktop.

• Double Click the HijackThis icon, located on your Desktop.
  
• By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
• Accept the license agreement.
• Click the Open the Misc Tools section button.
  
• Place a checkmark beside Calculate MD5 of files if possible. Then, click Back.
  
• Click Do a System Scan and Save a Logfile. Or, if you see a white screen, click Scan.
  
• Please post the log in your next reply.
  

=========================

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

[ballrd]

here is the log for superantispyware

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/03/2010 at 10:57 PM

Application Version : 4.40.1002

Core Rules Database Version : 5153
Trace Rules Database Version: 2965

Scan type       : Complete Scan
Total Scan Time : 02:59:19

Memory items scanned      : 841
Memory threats detected   : 0
Registry items scanned    : 8327
Registry threats detected : 0
File items scanned        : 159479
File threats detected     : 581

Adware.Tracking Cookie
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@trafficmp[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@advertising[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@media6degrees[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@tradedoubler[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@doubleclick[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@pointroll[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@tacoda[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@questionmarket[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@atwola[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@serving-sys[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
   .doubleclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .videoegg.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .zillow.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .atdmt.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .oasn03.247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .atdmt.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .zedo.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .interclick.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .revsci.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .collective-media.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adserver.adtechus.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .linksynergy.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .linksynergy.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .linksynergy.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .linksynergy.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .invitemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adbrite.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .game-advertising-online.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .cgm.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   servedby.adxpower.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   servedby.adxpower.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   servedby.adxpower.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   rotator.hadj7.adjuggler.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   click.fastpartner.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   eas.apm.emediate.eu [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ads.gamersmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .axxessads.valuead.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .clicksor.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .crackle.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .apmebf.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .mediaplex.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .chitika.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .hornymatches.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .casalemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .casalemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .casalemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .casalemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .imrworldwide.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .imrworldwide.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .kontera.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .kontera.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   stats.townnews.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .overture.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .richmedia.yahoo.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   stats.townnews.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   stats.townnews.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   stats.townnews.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .overture.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .leeenterprises.112.2o7.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   rotator.adjuggler.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .mmedia.t134.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   cdn4.specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   eas.apm.emediate.eu [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   eas.apm.emediate.eu [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .azjmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .axxessads.valuead.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .axxessads.valuead.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .axxessads.valuead.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .axxessads.valuead.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .axxessads.valuead.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .legolas-media.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   rotator.hadj7.adjuggler.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.admogulmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   cdn4.specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   cdn4.specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   cdn4.specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   cdn4.specificclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   r.unicornmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .server.cpmstar.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .server.cpmstar.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .server.cpmstar.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .tv-advert.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ads.gamersmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .cgm.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .2o7.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .2o7.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .2o7.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .2o7.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .statcounter.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .warnerbros.112.2o7.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .clicksor.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .clicksor.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .clicksor.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .clicksor.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .eyewonder.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .myroitracking.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adserving.contextualmarketplace.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adserving.contextualmarketplace.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .azjmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adtech.de [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .a1.interclick.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .lfstmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   cache.trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   cache.trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .burstnet.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .a1.interclick.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .eyewonder.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adxpose.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .a1.interclick.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .a1.interclick.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .a1.interclick.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .a1.interclick.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .nextag.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .nextag.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .collective-media.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ru4.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ru4.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .murrahdesexesloyaler.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .zanox.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   d.mediaforceads.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .murrahdesexesloyaler.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .www.burstnet.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   dc.tremormedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   banner.adchemy.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   banner.adchemy.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   banner.adchemy.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   adserver.duetads.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   adserver.duetads.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .network.realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .burstnet.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adecn.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   gr.burstnet.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .invitemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .media6degrees.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .revsci.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   www.burstbeacon.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .burstbeacon.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adbrite.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   rotator.adjuggler.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .trafficmp.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .oasn04.247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .zedo.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .zedo.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .zedo.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .zedo.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .intermundomedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .intermundomedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .media6degrees.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .media6degrees.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .media6degrees.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .media6degrees.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .media6degrees.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .media6degrees.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .cgm.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .cgm.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .cgm.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .lfstmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   click2go.org [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .cgm.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .cgm.adbureau.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .invitemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .xm.xtendmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .oasn04.247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ru4.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ru4.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ru4.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .oasn04.247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .invitemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .invitemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .invitemedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .fastclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .fastclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .fastclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .oasn04.247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .oasn04.247realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   network.realmedia.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .fastclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .fastclick.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .bluestreak.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .tribalfusion.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ads.bridgetrack.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ads.bridgetrack.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ads.bridgetrack.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adcentriconline.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .insightexpressai.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .bs.serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .questionmarket.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .questionmarket.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adbrite.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adbrite.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adbrite.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adbrite.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .adbrite.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   www.burstnet.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .revsci.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .revsci.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .revsci.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .revsci.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .statcounter.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .mediaplex.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .content.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .yieldmanager.net [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   ad.yieldmanager.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   statse.webtrendslive.com [ C:\Users\marissa\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   crackle.com [ C:\Users\marissa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\B6BRN2EE ]
   ia.media-imdb.com [ C:\Users\marissa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\B6BRN2EE ]
   media.scanscout.com [ C:\Users\marissa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\B6BRN2EE ]
   media1.break.com [ C:\Users\marissa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\B6BRN2EE ]
   mediaforgews.com [ C:\Users\marissa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\B6BRN2EE ]
   s0.2mdn.net [ C:\Users\marissa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\B6BRN2EE ]
   secure-us.imrworldwide.com [ C:\Users\marissa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\B6BRN2EE ]
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@247realmedia[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@247realmedia[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][5].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adbrite[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adbrite[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adbureau[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adbureau[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adcentriconline[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adcentriconline[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adecn[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adecn[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adinterax[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adlegend[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@admarketplace[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adrevolver[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][4].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adtech[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@advertising[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@advertising[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@adxpose[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@apmebf[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@atdmt[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@atwola[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@azjmp[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@banner509[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@bannerfountain[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@bannertgt[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@bannertgt[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@bluestreak[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@burstbeacon[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@burstbeacon[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@burstnet[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@burstnet[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@casalemedia[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@chitika[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@claysbanner545[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@click2go[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@collective-media[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][4].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][5].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@crackle[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@doubleclick[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@edgeadx[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@eyewonder[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@fastclick[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@fastclick[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@findlaw[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@foobanner[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@foundbanner[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@game-advertising-online[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@greenlightbanner[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@hitbox[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@icebanner[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@iconadserver[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@imediablast[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@imrworldwide[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@insightexpressai[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@interclick[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@intermundomedia[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@invitemedia[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@kontera[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@legolas-media[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@lfstmedia[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@linksynergy[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@lossybanner023[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@lucidmedia[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@lynxtrack[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@media6degrees[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@media6degrees[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@mediafire[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@mediaminer[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@mediaplex[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@more-banners[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@murrahdesexesloyaler[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@myroitracking[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@mystats[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@nextag[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@nextag[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@pointroll[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@popunderadvertise[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@poundbanner260[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@qnsr[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@questionmarket[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@questionmarket[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@questionmarket[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@questionmarket[5].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@realmedia[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@realmedia[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@revsci[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@revsci[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@ru4[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@serve-banners[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][4].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@serving-sys[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@serving-sys[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@serving-sys[4].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@smartadserver[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@socialmedia[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@specificclick[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@specificclick[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@specificmedia[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@specificmedia[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@statcounter[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@statcounter[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@statcounter[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@statcounter[4].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@stopzilla[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@tacoda[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@trackingvalue[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@trafficmp[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@tribalfusion[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@tunebanner352[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@websponsors[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@worrybanner766[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@yellowlinebanner[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@yieldmanager[1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@yieldmanager[3].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\marissa@zedo[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@advertising[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@atdmt[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@doubleclick[2].txt
   C:\Users\marissa\AppData\Roaming\Microsoft\Windows\Cookies\marissa@tacoda[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@adrevolver[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@advertising[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@apmebf[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@atdmt[1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@doubleclick[1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@fastclick[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@insightexpressai[1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@interclick[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@mediaplex[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@questionmarket[2].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@specificclick[1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@specificmedia[1].txt
   C:\Users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\public@tacoda[2].txt

Adware.Flash Tracking Cookie
   C:\Users\marissa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\B6BRN2EE\IA.MEDIA-IMDB.COM
   C:\Users\marissa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\B6BRN2EE\MEDIA1.BREAK.COM
   C:\Users\marissa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\B6BRN2EE\MEDIAFORGEWS.COM
   C:\Users\marissa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\B6BRN2EE\CRACKLE.COM
   C:\Users\marissa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\B6BRN2EE\S0.2MDN.NET
   C:\Users\marissa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\B6BRN2EE\SECURE-US.IMRWORLDWIDE.COM

[ballrd]

here's the malwarebytes log


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4273

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

7/4/2010 11:06:32 AM
mbam-log-2010-07-04 (11-06-32).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 295662
Time elapsed: 2 hour(s), 23 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[ballrd]

here's the hijackthis log


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:24 AM, on 7/4/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell Video Chat\DellVideoChat.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Dell Remote Access\ezi_ra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (filesize 940856 bytes, MD5 423917871D9FF924420A73CD818074D3)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (filesize 75200 bytes, MD5 E5EF96D01F3B696817DB909B732D9BB2)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll (filesize 246800 bytes, MD5 7B54980334E33FC209B5C56D80BF5A60)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (filesize 137600 bytes, MD5 F655CDD5506FBB4C40C08C9C6A66F7C8)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (filesize 62784 bytes, MD5 2F2D790D560CE6B8C7BC4DD6CA766A0E)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (filesize 408440 bytes, MD5 1A82C1B9BB43385695EFC3A84F6756A2)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (filesize 41760 bytes, MD5 385BD69743EA92E76CDF07B3345A25D5)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (filesize 1067352 bytes, MD5 4DC993F947CA0E46DAF3260D78BC9A60)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (filesize 160056 bytes, MD5 01CB9737D47E259CFADF007B3E034E7D)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (filesize 1067352 bytes, MD5 4DC993F947CA0E46DAF3260D78BC9A60)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (filesize 940856 bytes, MD5 423917871D9FF924420A73CD818074D3)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (filesize 429816 bytes, MD5 CDD49DB35420C0B6B3FEC171171CBCCE)
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (filesize 404216 bytes, MD5 95824597899CCABB419760E3FCD7660D)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exeC:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exeC:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeC:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeC:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (filesize 1218008 bytes, MD5 796AD8EBEA1CBC334D07FCBE152E6167)
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 (filesize 438403 bytes, MD5 2A80AC69283F3AE0AA298AC2512D5B88)
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" (filesize 126976 bytes, MD5 8A4249120F5B692369B1238F894233B9)
O4 - HKLM\..\Run: [Dell PC TuneUp Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe" (filesize 314224 bytes, MD5 C3317B3E444D3DDB968D2B754325D1C9)
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter (filesize 206064 bytes, MD5 3917664C26B4344768C288BBA6FEFCB6)
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" (filesize 248040 bytes, MD5 52DB6CDAC5BC7A1FC884E97C41C91213)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (filesize 36272 bytes, MD5 F91F52F4EA5D88DAB6245682A16F3A72)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" (filesize 952768 bytes, MD5 DB1DB28467111A24664933AB8908CBCE)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (filesize 421888 bytes, MD5 ED7A6D40B20DC34BE06F4AE196AE7D50)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (filesize 141624 bytes, MD5 0E284B5BB0CDD631461CE7E91DCEE3E2)
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW (filesize 1144104 bytes, MD5 8D54B8CD5930D2A6137D93C23B60C321)
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript (filesize 1090952 bytes, MD5 D594EA4AC1C0E4675EF2F0063950ABEF)
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (filesize 1233920 bytes, MD5 9E35FF7F943AE0FB89192BFE058B7FD4)
O4 - HKCU\..\Run: [SightSpeed] "C:\Program Files\Dell Video Chat\DellVideoChat.exe" -bootmode (filesize 4812664 bytes, MD5 601646FEB5D676247148EC219E0BD3AA)
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeC:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" (filesize 3558648 bytes, MD5 6EB81986413BFECAF1F34BADD93A609E)
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized (filesize 26102056 bytes, MD5 034AC2B2757FE6841AB092ECADA891B9)
O4 - HKCU\..\Run: [Google Update] "C:\Users\marissa\AppData\Local\Google\Update\GoogleUpdate.exe" /c (filesize 135664 bytes, MD5 8F0DE4FEF8201E306F9938B0905AC96A)
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeC:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') (filesize 1295656 bytes, MD5 58D9C70B01DBF2DEAEA787A1D7C869BB)
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (filesize 1295656 bytes, MD5 58D9C70B01DBF2DEAEA787A1D7C869BB)
O4 - Global Startup: Dell Remote Access.lnk = ?
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe (filesize 1616976 bytes, MD5 CE109AF553A24AB4DBB669B4705C7FB1)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (filesize 187224 bytes, MD5 19737BD6606A96AB311BBC87659626AC)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (filesize 187224 bytes, MD5 19737BD6606A96AB311BBC87659626AC)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (filesize 603040 bytes, MD5 79F7DB36E67B9E8365FA824AD96DF400)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (filesize 603040 bytes, MD5 79F7DB36E67B9E8365FA824AD96DF400)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (filesize 39464 bytes, MD5 AEF204E782BFA2C8448CB43A58960744)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (filesize 2135336 bytes, MD5 028FF74DAFDC7BB45C956A5EC8926CEE)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dllC:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exeC:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exeC:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exeC:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exeC:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exeC:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Advanced Networking Service (hnmsvc) - Dell Inc. - c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exec:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exeC:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exeC:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeC:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exeC:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exeC:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exeC:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 16025 bytes

[ballrd]

here's the security check log


 Results of screen317's Security Check version 0.99.4 
 Windows Vista Service Pack 2 (UAC is enabled)
 Internet Explorer 8 
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Enabled! 
 McAfee SecurityCenter     
 WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
 Malwarebytes' Anti-Malware   
 HijackThis 2.0.2   
 Java(TM) 6 Update 20 
 Adobe Flash Player 10.1.53.64 
Adobe Reader 9.3.2
 Mozilla Firefox (3.6.4)
````````````````````````````````
Process Check: 
objlist.exe by Laurent
 Windows Defender MSASCui.exe
 McAfee VIRUSS~1 mcshield.exe 
 McAfee VIRUSS~1 mcsysmon.exe 
 Windows Defender MSASCui.exe   
 iolo common lib ioloServiceManager.exe
````````````````````````````````
DNS Vulnerability Check:
 GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

[SuperDave]

Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

link # 1
Link # 2

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

[ballrd]

here's the combofix log


ComboFix 10-07-04.02 - marissa 07/04/2010  21:31:13.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3030.1590 [GMT -7:00]
Running from: c:\users\marissa\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((   Files Created from 2010-06-05 to 2010-07-05  )))))))))))))))))))))))))))))))
.

2010-07-05 04:40 . 2010-07-05 04:40   --------   d-----w-   c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-07-05 04:40 . 2010-07-05 04:40   --------   d-----w-   c:\users\Public\AppData\Local\temp
2010-07-05 04:40 . 2010-07-05 04:40   --------   d-----w-   c:\users\Public.marissa-PC\AppData\Local\temp
2010-07-05 04:40 . 2010-07-05 04:40   --------   d-----w-   c:\users\Default\AppData\Local\temp
2010-07-04 06:11 . 2010-04-29 22:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-04 06:11 . 2010-07-04 06:11   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-07-04 06:11 . 2010-04-29 22:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-07-04 02:51 . 2010-07-04 02:51   63488   ----a-w-   c:\users\marissa\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-04 02:51 . 2010-07-04 02:51   52224   ----a-w-   c:\users\marissa\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-04 02:51 . 2010-07-04 02:51   117760   ----a-w-   c:\users\marissa\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-04 02:50 . 2010-07-04 02:50   --------   d-----w-   c:\users\marissa\AppData\Roaming\SUPERAntiSpyware.com
2010-07-04 02:50 . 2010-07-04 02:50   --------   d-----w-   c:\programdata\SUPERAntiSpyware.com
2010-07-04 02:50 . 2010-07-04 02:50   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-06-27 02:39 . 2010-06-27 02:39   --------   d-----w-   c:\users\marissa\AppData\Roaming\Malwarebytes
2010-06-27 02:39 . 2010-06-27 02:39   --------   d-----w-   c:\programdata\Malwarebytes
2010-06-27 02:06 . 2010-06-27 02:06   --------   d-----w-   C:\_OTL
2010-06-26 04:56 . 2010-06-26 04:56   --------   d-----w-   c:\program files\Trend Micro
2010-06-25 05:43 . 2010-06-26 01:33   --------   d-----w-   c:\programdata\Norton
2010-06-25 05:43 . 2010-06-26 01:33   --------   d-----w-   c:\programdata\Symantec
2010-06-25 05:43 . 2010-06-25 05:43   --------   d-----w-   c:\programdata\NortonInstaller
2010-06-25 02:57 . 2010-06-25 05:51   57344   ----a-w-   c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-25 02:48 . 2010-06-25 02:41   1062184   ----a-w-   c:\programdata\DivX\Setup\Resource.dll
2010-06-25 02:48 . 2010-06-25 02:41   895256   ----a-w-   c:\programdata\DivX\Setup\DivXSetup.exe
2010-06-25 02:48 . 2010-06-25 02:48   56997   ----a-w-   c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-06-25 02:48 . 2010-06-25 02:48   56765   ----a-w-   c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-06-25 02:48 . 2010-06-25 02:48   53600   ----a-w-   c:\programdata\DivX\Update\Uninstaller.exe
2010-06-25 02:48 . 2010-06-25 02:48   --------   d-----w-   c:\users\marissa\AppData\Roaming\DivX
2010-06-25 02:47 . 2010-06-25 02:47   57409   ----a-w-   c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-06-25 02:47 . 2010-06-25 02:47   52963   ----a-w-   c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-06-25 02:47 . 2010-06-25 02:47   54073   ----a-w-   c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-06-25 02:41 . 2010-06-25 05:51   --------   d-----w-   c:\programdata\DivX
2010-06-24 07:43 . 2010-06-24 07:43   --------   d-----w-   c:\program files\iPod
2010-06-24 07:43 . 2010-06-24 07:45   --------   d-----w-   c:\program files\iTunes
2010-06-24 07:36 . 2010-06-24 07:36   --------   d-----w-   c:\program files\Bonjour
2010-06-24 07:23 . 2010-06-24 07:23   72504   ----a-w-   c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-23 02:01 . 2009-11-08 17:55   99176   ----a-w-   c:\windows\system32\PresentationHostProxy.dll
2010-06-23 02:01 . 2009-11-08 17:55   49472   ----a-w-   c:\windows\system32\netfxperf.dll
2010-06-23 02:01 . 2009-11-08 17:55   297808   ----a-w-   c:\windows\system32\mscoree.dll
2010-06-23 02:01 . 2009-11-08 17:55   295264   ----a-w-   c:\windows\system32\PresentationHost.exe
2010-06-23 02:00 . 2009-11-08 17:55   1130824   ----a-w-   c:\windows\system32\dfshim.dll
2010-06-23 01:02 . 2010-04-16 16:43   28672   ----a-w-   c:\windows\system32\Apphlpdm.dll
2010-06-23 01:02 . 2010-04-16 14:39   4240384   ----a-w-   c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-11 02:20 . 2010-04-05 17:01   67072   ----a-w-   c:\windows\system32\asycfilt.dll
2010-06-11 02:19 . 2010-05-26 17:06   34304   ----a-w-   c:\windows\system32\atmlib.dll
2010-06-11 02:19 . 2010-05-26 14:47   289792   ----a-w-   c:\windows\system32\atmfd.dll
2010-06-11 02:06 . 2010-05-01 14:13   2037248   ----a-w-   c:\windows\system32\win32k.sys
2010-06-09 04:02 . 2010-06-09 04:02   --------   d-----w-   c:\program files\Common Files\Java
2010-06-09 04:00 . 2010-04-13 00:29   411368   ----a-w-   c:\windows\system32\deployJava1.dll
2010-06-06 05:21 . 2010-06-06 05:21   --------   d-----w-   c:\users\marissa\AppData\Local\oebjputos

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-30 18:45 . 2009-03-15 06:34   --------   d-----w-   c:\users\marissa\AppData\Roaming\LimeWire
2010-06-27 15:19 . 2009-03-15 18:17   6756   ----a-w-   c:\users\marissa\AppData\Local\d3d9caps.dat
2010-06-27 02:04 . 2009-03-06 12:54   --------   d-----w-   c:\program files\Microsoft.NET
2010-06-27 02:03 . 2009-03-15 20:11   --------   d-----w-   c:\programdata\Viewpoint
2010-06-25 05:51 . 2009-05-07 01:10   --------   d-----w-   c:\program files\DivX
2010-06-25 05:51 . 2009-03-06 13:06   --------   d-----w-   c:\program files\Common Files\PX Storage Engine
2010-06-25 02:47 . 2009-05-07 01:10   --------   d-----w-   c:\program files\Common Files\DivX Shared
2010-06-24 07:43 . 2009-03-15 06:21   --------   d-----w-   c:\program files\Common Files\Apple
2010-06-23 03:00 . 2009-03-06 12:55   --------   d-----w-   c:\program files\McAfee
2010-06-15 21:14 . 2009-03-06 12:52   --------   d-----w-   c:\programdata\Microsoft Help
2010-06-12 02:44 . 2006-11-02 11:18   --------   d-----w-   c:\program files\Windows Mail
2010-06-09 03:59 . 2009-03-06 12:48   --------   d-----w-   c:\program files\Java
2010-06-04 04:35 . 2009-03-06 13:36   --------   d-----w-   c:\program files\Microsoft Silverlight
2010-05-21 21:14 . 2009-11-03 18:14   221568   ------w-   c:\windows\system32\MpSigStub.exe
2010-05-18 23:35 . 2010-05-18 23:35   91424   ----a-w-   c:\windows\system32\dnssd.dll
2010-05-18 23:35 . 2010-05-18 23:35   107808   ----a-w-   c:\windows\system32\dns-sd.exe
2010-05-16 08:02 . 2009-03-15 06:33   --------   d-----w-   c:\program files\LimeWire
2010-05-14 09:46 . 2009-08-21 12:51   --------   d-----w-   c:\users\marissa\AppData\Roaming\Skype
2010-05-14 07:00 . 2009-08-21 12:53   --------   d-----w-   c:\users\marissa\AppData\Roaming\skypePM
2010-05-04 05:59 . 2010-06-11 02:18   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-11 02:18   71680   ----a-w-   c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-11 02:18   109056   ----a-w-   c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-11 02:18   133632   ----a-w-   c:\windows\system32\ieUnatt.exe
2010-04-27 18:40 . 2007-11-14 09:00   45648   ------w-   c:\windows\system32\drivers\pxhelp20.sys
2010-04-23 14:13 . 2010-05-25 19:06   2048   ----a-w-   c:\windows\system32\tzres.dll
2010-04-18 19:31 . 2009-05-11 01:27   59464   ----a-w-   c:\users\Public.marissa-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-16 16:43 . 2010-06-23 01:02   173056   ----a-w-   c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-23 01:02   458752   ----a-w-   c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-23 01:02   542720   ----a-w-   c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-23 01:02   2159616   ----a-w-   c:\windows\AppPatch\AcGenral.dll
2010-04-12 16:10 . 2010-04-12 16:10   79144   ----a-w-   c:\programdata\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe
2009-03-06 13:00 . 2009-03-06 13:00   75   --sh--r-   c:\windows\CT4CET.bin
2009-03-06 14:02 . 2009-03-06 13:58   8192   --sha-w-   c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"SightSpeed"="c:\program files\Dell Video Chat\DellVideoChat.exe" [2008-08-15 4812664]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-04-03 3558648]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-04-06 26102056]
"Google Update"="c:\users\marissa\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-30 135664]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-17 196608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-21 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-21 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-21 154136]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-02-19 438403]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-05-09 126976]
"Dell PC TuneUp Startup"="c:\program files\iolo\Common\Lib\ioloLManager.exe" [2009-02-12 314224]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-10-04 206064]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-17 47392]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-12-22 483420]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\users\Public.marissa-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]

c:\users\marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Remote Access.lnk - c:\windows\Installer\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}\NewShortcut10_F66A31D978314FBABA02C411C0047CC5.exe [2009-3-6 53248]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-03-06 13:08   10536   ----a-w-   c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f4,df,54,c7,71,15,ca,01

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2008-09-03 12800]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [2008-12-22 81920]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-09-24 155648]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-02-07 712048]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-02-07 712048]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-11-21 112128]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2008-07-28 54784]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-05-29 203264]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-07-04 3663360]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2008-10-27 144672]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2008-10-27 277440]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3947971329-2590106394-3651436325-1000Core.job
- c:\users\marissa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-30 05:31]

2010-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3947971329-2590106394-3651436325-1000UA.job
- c:\users\marissa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-30 05:31]

2010-05-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-22 17:22]

2010-07-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-22 17:22]

2010-07-05 c:\windows\Tasks\User_Feed_Synchronization-{B62B1A3F-2A07-43E8-B72E-BCF13F3BF6CD}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
FF - ProfilePath - c:\users\marissa\AppData\Roaming\Mozilla\Firefox\Profiles\clpyk4wk.default\
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\marissa\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\marissa\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_ everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_a s_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-04 21:40
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-07-04  21:43:38
ComboFix-quarantined-files.txt  2010-07-05 04:43
ComboFix2.txt  2010-06-27 16:21

Pre-Run: 196,954,603,520 bytes free
Post-Run: 196,935,876,608 bytes free

- - End Of File - - DD15FB751649643F7F86EF71B70FC3C8

[ballrd]

i had to redownload hijackthis because my computer said it was an "illegal operation attempted on a registry key that has been marked for deletion." Here is the new log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:14 PM, on 7/4/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell Video Chat\DellVideoChat.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Dell Remote Access\ezi_ra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (filesize 940856 bytes, MD5 423917871D9FF924420A73CD818074D3)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (filesize 75200 bytes, MD5 6D9042F1443A601DA8DC24D991EDDD0A)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll (filesize 246800 bytes, MD5 7B54980334E33FC209B5C56D80BF5A60)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (filesize 137600 bytes, MD5 F655CDD5506FBB4C40C08C9C6A66F7C8)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (filesize 62784 bytes, MD5 2F2D790D560CE6B8C7BC4DD6CA766A0E)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (filesize 408440 bytes, MD5 1A82C1B9BB43385695EFC3A84F6756A2)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (filesize 41760 bytes, MD5 385BD69743EA92E76CDF07B3345A25D5)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (filesize 1067352 bytes, MD5 4DC993F947CA0E46DAF3260D78BC9A60)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (filesize 160056 bytes, MD5 01CB9737D47E259CFADF007B3E034E7D)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (filesize 1067352 bytes, MD5 4DC993F947CA0E46DAF3260D78BC9A60)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (filesize 940856 bytes, MD5 423917871D9FF924420A73CD818074D3)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (filesize 429816 bytes, MD5 CDD49DB35420C0B6B3FEC171171CBCCE)
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (filesize 404216 bytes, MD5 95824597899CCABB419760E3FCD7660D)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exeC:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exeC:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeC:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeC:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (filesize 1218008 bytes, MD5 796AD8EBEA1CBC334D07FCBE152E6167)
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 (filesize 438403 bytes, MD5 2A80AC69283F3AE0AA298AC2512D5B88)
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" (filesize 126976 bytes, MD5 8A4249120F5B692369B1238F894233B9)
O4 - HKLM\..\Run: [Dell PC TuneUp Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe" (filesize 314224 bytes, MD5 C3317B3E444D3DDB968D2B754325D1C9)
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter (filesize 206064 bytes, MD5 3917664C26B4344768C288BBA6FEFCB6)
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" (filesize 248040 bytes, MD5 52DB6CDAC5BC7A1FC884E97C41C91213)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (filesize 35760 bytes, MD5 A32B25970003B6ABA027EFF8EEDA12A3)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" (filesize 976832 bytes, MD5 0B232C77D822983397674AEEC9AB59DC)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (filesize 421888 bytes, MD5 ED7A6D40B20DC34BE06F4AE196AE7D50)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (filesize 141624 bytes, MD5 0E284B5BB0CDD631461CE7E91DCEE3E2)
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW (filesize 1144104 bytes, MD5 8D54B8CD5930D2A6137D93C23B60C321)
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript (filesize 1090952 bytes, MD5 D594EA4AC1C0E4675EF2F0063950ABEF)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (filesize 1233920 bytes, MD5 9E35FF7F943AE0FB89192BFE058B7FD4)
O4 - HKCU\..\Run: [SightSpeed] "C:\Program Files\Dell Video Chat\DellVideoChat.exe" -bootmode (filesize 4812664 bytes, MD5 601646FEB5D676247148EC219E0BD3AA)
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeC:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" (filesize 3558648 bytes, MD5 6EB81986413BFECAF1F34BADD93A609E)
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized (filesize 26102056 bytes, MD5 034AC2B2757FE6841AB092ECADA891B9)
O4 - HKCU\..\Run: [Google Update] "C:\Users\marissa\AppData\Local\Google\Update\GoogleUpdate.exe" /c (filesize 135664 bytes, MD5 8F0DE4FEF8201E306F9938B0905AC96A)
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeC:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') (filesize 1295656 bytes, MD5 58D9C70B01DBF2DEAEA787A1D7C869BB)
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (filesize 1295656 bytes, MD5 58D9C70B01DBF2DEAEA787A1D7C869BB)
O4 - Global Startup: Dell Remote Access.lnk = ?
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe (filesize 1616976 bytes, MD5 CE109AF553A24AB4DBB669B4705C7FB1)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (filesize 187224 bytes, MD5 19737BD6606A96AB311BBC87659626AC)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (filesize 187224 bytes, MD5 19737BD6606A96AB311BBC87659626AC)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (filesize 603040 bytes, MD5 79F7DB36E67B9E8365FA824AD96DF400)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (filesize 603040 bytes, MD5 79F7DB36E67B9E8365FA824AD96DF400)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (filesize 39464 bytes, MD5 AEF204E782BFA2C8448CB43A58960744)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (filesize 804136 bytes, MD5 7D52D1B380C1231FCEC11A707726A781)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (filesize 2135336 bytes, MD5 028FF74DAFDC7BB45C956A5EC8926CEE)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dllC:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exeC:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exeC:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exeC:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exeC:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exeC:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Advanced Networking Service (hnmsvc) - Dell Inc. - c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exec:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exeC:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exeC:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeC:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exeC:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exeC:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exeC:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15841 bytes

[SuperDave]

You have Viewpoint installed.

Viewpoint Media Player/Manager/Toolbar is considered as Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".

More information:

* ViewMgr.exe - Useless
* Viewpoint to Plunge Into Adware

It is suggested to remove the program now. Go to Start > Control Panel > Add/Remove Programs - (Vista & Win7 is Programs and Features) and remove the following programs if present.

* Viewpoint
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar
* Viewpoint Experience Technology

==========================

Please read here for more information about WildTangent. Your choice if you want to remove it or not.

If you choose to follow my advice, please follow these instructions.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

•WildTangent Web Driver

=============================

P2P - I see you have P2P software installed on your machine. (LimeWire ) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

===================================

Open HijackThis and select Do a system scan only

Place a check mark next to the following entries: (if there)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript (filesize 1090952 bytes, MD5 D594EA4AC1C0E4675EF2F0063950ABEF)


Important: Close all open windows except for HijackThis and then click Fix checked.

Once completed, exit HijackThis.

==============================

I'd like us to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

[ballrd]

the eset scan did not find any threats

[SuperDave]

the eset scan did not find any threats

That sounds good. If there are no other issues, it's time for some clean-up.

* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

================================

Download OTC by OldTimer and save it to your desktop.

1. Double-click OTC to run it.
2. Click the CleanUp! button.
3. Select Yes when the "Begin cleanup Process?" prompt appears.
4. If you are prompted to Reboot during the cleanup, select Yes
5. OTC should delete itself once it finishes, if not delete it yourself.

==============================

Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

================================

Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

==================================

Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

[ballrd]

ok, all done.  if that's everything, thank you so much for your help