Results 1 to 3 of 3
  1. #1
    Member
    Join Date
    Apr 2013
    Posts
    1
    Points
    0

    Smile I think computer is infected and cursor spins all the time as if something is running

    Hi,

    I have copied the 3 logs you require. I have a HP pavillion running vista. It has seem bogged down for a very long time now. The cursor is constantly spinning everytime I wiggle the mouse to get out of the screen saver. I know I have some kind of virus because I've set my homepage to google but it always goes back to---> about: blank .....and when I try to search the address bar reads mysearchresults.com. I also think there are other things wrong.

    Hijackthis log

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:27:47 AM, on 4/21/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16476)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\SlimDrivers\SlimDrivers.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
    C:\WINDOWS\System32\wpcumi.exe
    C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\E_FATIFJA.EXE
    C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\E_FATIFJA.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Jessica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXI7QOMI\HijackThis.exe
    c:\Users\Jessica\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - News, Sports, Weather, Entertainment, Stocks & Local
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Jessica\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [QlbCtrl] "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    O4 - HKLM\..\Run: [OnScreenDisplay] "C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe"
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe"
    O4 - HKLM\..\Run: [hpqSRMon] "C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"
    O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
    O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE /FU "C:\Windows\TEMP\E_SC522.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.EXE
    O4 - HKCU\..\Run: [WorkForce 610(Network)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE /FU "C:\Windows\TEMP\E_SB07C.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Driver Manager] C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C)" -"http://coursewareobjects.elsevier.com/objects/elr/deWit/medsurg2e/testpage.html"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/...nAxControl.CAB
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...tup1.0.1.1.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - Free Online Games
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe
    O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Jessica\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 13152 bytes



    Superantispyware Log

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 04/18/2013 at 11:42 PM

    Application Version : 5.6.1014

    Core Rules Database Version : 10285
    Trace Rules Database Version: 8097

    Scan type : Complete Scan
    Total Scan Time : 02:46:16

    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User (Administrator User)

    Memory items scanned : 818
    Memory threats detected : 0
    Registry items scanned : 38671
    Registry threats detected : 0
    File items scanned : 75814
    File threats detected : 255

    Adware.Tracking Cookie
    C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Cookies\9SKODWKB.txt [ /realnetworks.112.2o7.net ]
    C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Cookies\95J4SIGY.txt [ /insightexpressai.com ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Z2USGQQR.txt [ Cookie:guest@imrworldwide.com/cgi-bin ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\guest@wt.xxxcupid[1].txt [ Cookie:guest@wt.xxxcupid.com/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\guest@xxxcupid[1].txt [ Cookie:guest@xxxcupid.com/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\ZW93LBSC.txt [ Cookie:guest@www.googleadservices.com/pagead/conversion/1019358009/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@bizrate[2].txt [ Cookie:guest@bizrate.com/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@doubleclick[1].txt [ Cookie:guest@doubleclick.net/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@youporn[2].txt [ Cookie:guest@youporn.com/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@pornhub[1].txt [ Cookie:guest@pornhub.com/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@www.bizrate[2].txt [ Cookie:guest@www.bizrate.com/ ]
    C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@at.atwola[1].txt [ Cookie:guest@at.atwola.com/ ]
    C:\USERS\GUEST\Cookies\Z2USGQQR.txt [ Cookie:guest@imrworldwide.com/cgi-bin ]
    C:\USERS\GUEST\Cookies\guest@wt.xxxcupid[1].txt [ Cookie:guest@wt.xxxcupid.com/ ]
    C:\USERS\GUEST\Cookies\guest@xxxcupid[1].txt [ Cookie:guest@xxxcupid.com/ ]
    C:\USERS\GUEST\Cookies\ZW93LBSC.txt [ Cookie:guest@www.googleadservices.com/pagead/conversion/1019358009/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\TJX9UYX5.txt [ Cookie:jessica@ad.mlnadvertising.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\V32LC4IX.txt [ Cookie:jessica@clickondetroit.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\YRE4I531.txt [ Cookie:jessica@a1.interclick.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\EIY7RIXF.txt [ Cookie:jessica@amazon-adsystem.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CD63XLV.txt [ Cookie:jessica@tracking.williamsburgmarketplace.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\QLM7CQBW.txt [ Cookie:jessica@lucidmedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\5X8X5QAC.txt [ Cookie:jessica@c.atdmt.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\J7NF13GS.txt [ Cookie:jessica@adxpose.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\OZJUL46X.txt [ Cookie:jessica@consumercenter.gogecapital.com/consumercenter/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\OWZ3472B.txt [ Cookie:jessica@ad.yieldmanager.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\0FP9NDLD.txt [ Cookie:jessica@advertising.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\LXILPO3Z.txt [ Cookie:jessica@adsonar.com/adserving ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\4M18YVDR.txt [ Cookie:jessica@thecount.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\6S58TZZ6.txt [ Cookie:jessica@tribalfusion.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\6AG5LECK.txt [ Cookie:jessica@invitemedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\4WA9ZE6I.txt [ Cookie:jessica@liveperson.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\490Z9QM2.txt [ Cookie:jessica@dteenergy.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\KI3BKJZL.txt [ Cookie:jessica@saymedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\DOVXCFYG.txt [ Cookie:jessica@www.burstnet.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\WAEELVW3.txt [ Cookie:jessica@ads.bridgetrack.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\AT5AXQ20.txt [ Cookie:jessica@collective-media.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\RL6GEVXL.txt [ Cookie:jessica@doubleclick.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\OGKE14WF.txt [ Cookie:jessica@media6degrees.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\2OZ8M46E.txt [ Cookie:jessica@fastclick.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\M6GI2E1P.txt [ Cookie:jessica@realmedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\X5WIVWDL.txt [ Cookie:jessica@liveperson.net/hc/26926668 ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\CPZGBKQR.txt [ Cookie:jessica@solvemedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\X1W4E9GH.txt [ Cookie:jessica@brighthouse.122.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\TNRBG65N.txt [ Cookie:jessica@revsci.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\YJAP31NS.txt [ Cookie:jessica@atwola.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ICOSD9CM.txt [ Cookie:jessica@questionmarket.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\DM4KCDXJ.txt [ Cookie:jessica@accounts.google.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\GO5G5A9K.txt [ Cookie:jessica@serving-sys.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\82XL2AK9.txt [ Cookie:jessica@casalemedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\BGVEL5EX.txt [ Cookie:jessica@mediaplex.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\6N8GAIT8.txt [ Cookie:jessica@mm.chitika.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\84C2M137.txt [ Cookie:jessica@pro-market.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\II67IISI.txt [ Cookie:jessica@gntbcstglobal.112.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\3312NM5E.txt [ Cookie:jessica@specificclick.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ADQO33BD.txt [ Cookie:jessica@ru4.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\A64HXMVK.txt [ Cookie:jessica@madethecut.112.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\2FT8IN1K.txt [ Cookie:jessica@liveperson.net/hc/66983038 ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JVGMC9R4.txt [ Cookie:jessica@msnbc.112.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\4GC21XUV.txt [ Cookie:jessica@intermundomedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\TCXD7VDP.txt [ Cookie:jessica@lfstmedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\N0QXAXMJ.txt [ Cookie:jessica@clickztrax.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\G0Y34S3B.txt [ Cookie:jessica@bs.serving-sys.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\G9V5DBSO.txt [ Cookie:jessica@trc.taboola.com/demandmedia-ehow/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\F01IVYGD.txt [ Cookie:jessica@gemoneysusmb2.112.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\AALCIPQ7.txt [ Cookie:jessica@gemoneysusgogecapitalcc.112.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\AW6XURNE.txt [ Cookie:jessica@adserver.adtechus.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\9GXTDOKL.txt [ Cookie:jessica@rainbowmedia.122.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZPJHCWQA.txt [ Cookie:jessica@thecanyonsresort.122.2o7.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\B7J6473R.txt [ Cookie:jessica@kontera.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\VY77O006.txt [ Cookie:jessica@statcounter.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JWP8DZJY.txt [ Cookie:jessica@steelhousemedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\XOHB21R3.txt [ Cookie:jessica@www.clickondetroit.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\DP7SCIMV.txt [ Cookie:jessica@kanoodle.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\UYZ4A0TR.txt [ Cookie:jessica@px.steelhousemedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\LVS4KXZ5.txt [ Cookie:jessica@liveperson.net/hc/66068382 ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\MMMMA66J.txt [ Cookie:jessica@www.insightexpress.com/ix ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\DAXRXMB6.txt [ Cookie:jessica@a.intentmedia.net/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\UH6MD8C8.txt [ Cookie:jessica@247realmedia.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZMKP8XEP.txt [ Cookie:jessica@eyeviewads.com/ ]
    C:\USERS\JESSICA\AppData\Roaming\Microsoft\Windows\Cookies\Low\MZII4LSZ.txt [ Cookie:jessica@rtst.122.2o7.net/ ]
    C:\USERS\KIDS\AppData\Roaming\Microsoft\Windows\Cookies\Low\7DVD9UX6.txt [ Cookie:kids@intermundomedia.com/ ]
    C:\USERS\KIDS\AppData\Roaming\Microsoft\Windows\Cookies\Low\0CR1TKCR.txt [ Cookie:kids@dc.tremormedia.com/ ]
    C:\USERS\KIDS\AppData\Roaming\Microsoft\Windows\Cookies\Low\31G8VXXC.txt [ Cookie:kids@imrworldwide.com/cgi-bin ]
    C:\USERS\KIDS\AppData\Roaming\Microsoft\Windows\Cookies\Low\DD7QDQIU.txt [ Cookie:kids@doubleclick.net/ ]
    C:\USERS\KIDS\AppData\Roaming\Microsoft\Windows\Cookies\Low\A84R0M81.txt [ Cookie:kids@media6degrees.com/ ]
    C:\USERS\KIDS\AppData\Roaming\Microsoft\Windows\Cookies\Low\JDXIW1ZJ.txt [ Cookie:kids@invitemedia.com/ ]
    C:\USERS\KIDS\AppData\Roaming\Microsoft\Windows\Cookies\Low\CEBTM54Y.txt [ Cookie:kids@www.googleadservices.com/pagead/conversion/1050766120/ ]
    secure-us.imrworldwide.com [ C:\USERS\GUEST\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GA2K9H9T ]
    Free Porn Videos & Sex Movies - Porno, XXX, Porn Tube and Pussy Porn [ C:\USERS\GUEST\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GA2K9H9T ]
    C:\USERS\GUEST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GUEST@THEFIND[1].TXT [ /THEFIND ]
    C:\USERS\GUEST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GUEST@WWW.GOOGLEADSERVICES[1].TXT [ /WWW.GOOGLEADSERVICES ]
    .doubleclick.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .interclick.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c1.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .liveperson.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    3095006.fls.doubleclick.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .liveperson.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtechus.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tribalfusion.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .apmebf.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.iad.liveperson.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .apmebf.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lucidmedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    in.getclicky.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    bs.serving-sys.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .fastclick.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .intermundomedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .intermundomedia.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\JESSICA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    core.insightexpressai.com [ C:\USERS\JESSICA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ADCRMHS9 ]
    ds.serving-sys.com [ C:\USERS\JESSICA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ADCRMHS9 ]
    mediabrix.hs.llnwd.net [ C:\USERS\JESSICA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ADCRMHS9 ]
    msnbcmedia.msn.com [ C:\USERS\JESSICA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ADCRMHS9 ]
    secure-uk.imrworldwide.com [ C:\USERS\JESSICA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ADCRMHS9 ]
    secure-us.imrworldwide.com [ C:\USERS\JESSICA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ADCRMHS9 ]
    track.adform.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.adform.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adform.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    server.adformdsp.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adformdsp.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adform.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .specificclick.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    webmedia.hrblock.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\KIDS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mywebsearch.com [ C:\USERS\KIDS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q71MBB2G.DEFAULT\COOKIES.SQLITE ]
    .mywebsearch.com [ C:\USERS\KIDS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q71MBB2G.DEFAULT\COOKIES.SQLITE ]
    .mywebsearch.com [ C:\USERS\KIDS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q71MBB2G.DEFAULT\COOKIES.SQLITE ]
    .mywebsearch.com [ C:\USERS\KIDS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q71MBB2G.DEFAULT\COOKIES.SQLITE ]
    .mywebsearch.com [ C:\USERS\KIDS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q71MBB2G.DEFAULT\COOKIES.SQLITE ]

    Trojan.Agent/Gen-ImageDocFake
    C:\USERS\JESSICA\DOWNLOADS\JOHN HIATT...HANGIN' AROUND THE OBSERVATORY-OVERCOATS(1974-75)CD(2006)[FLAC]\FOLDER.JPG



    Malwarebytes Log

    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.04.19.04

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Jessica :: JESSICA-PC [administrator]

    4/19/2013 11:38:10 PM
    mbam-log-2013-04-19 (23-38-10).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 270144
    Time elapsed: 20 minute(s), 12 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Please run the following tools and post their logs.

    1.
    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista and Windows 7 users:
      Right click in the adwCleaner.exe and select
    • Click the Delete button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[R1].txt.


    2.
    Download and run Junkware Removal Tool. ***Your Anti Virus may see this download as malicious, don't worry continue on.

    Please download Junkware Removal Tool to your desktop.

    • shut down your protection software now to avoid potential conflicts.
    • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
      the tool will open and start scanning your system
    • please be patient as this can take a while to complete depending on your system's specifications
    • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
    • post the contents of JRT.txt into your next Reply.


    Things to include in your next reply::
    AdwCleaner log
    JRT.txt
    How is the machine running now?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. #3
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello.

    There had been no reply from the topic starter in 5 days. Due to inactivity, this topic is now closed.
    If you are the topic starter and need this topic reopened, send me a message.

    Everyone else, please begin a new topic.

    With Regards,
    fireman4it
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-