Solve : resource:///components/nsSessionStore.js:402?

1.	Solve : resource:///components/nsSessionStore.js:402?
Answer» Hi! My laptop is becoming increasingly slow as if there is a virus. Firefox keeps asking me whether I can to stop a script, GOOGLE chrom says about a PLUGIN that has crashed but in general sometimes I think it has frozen all together. I just for that on a screen a while ago resource:///components/nsSessionStore.js:402 Any idea as to what it is and above all what I can do for my computer to run properly? thanks, Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer. 1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine. 2. The fixes are specific to your problem and should only be used for this issue on this machine. 3. If you don't know or understand something, please don't hesitate to ask. 4. Please DO NOT run any other tools or scans while I am helping you. 5. It is important that you reply to this thread. Do not start a new topic. 6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe. 7. Absence of symptoms does not mean that everything is clear. If you can't access the internet with your infected computer you will have to download and TRANSFER any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line. ***************************************************************** SUPERAntiSpyware If you already have SUPERAntiSpyware be sure to check for updates before scanning! Download SuperAntispyware Free Edition (SAS) * Double-click the icon on your desktop to run the installer. * When asked to Update the program definitions, click Yes * If you encounter any problems while downloading the updates, manually download and unzip them from here * Next click the Preferences button. •Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts * Click the Scanning Control tab. * Under Scanner Options make sure only the following are checked: •Close browsers before scanning •Scan for tracking cookies •Terminate memory threats before quarantining •Please leave the others unchecked •Click the Close button to leave the control center screen. * On the main screen click Scan your computer * On the left check the box for the drive you are scanning. * On the right choose Perform Complete Scan * Click Next to start the scan. Please be patient while it scans your computer. * After the scan is complete a summary box will appear. Click OK * Make sure everything in the white box has a check next to it, then click Next * It will quarantine what it found and if it asks if you want to reboot, click Yes •To retrieve the removal information please do the following: •After reboot, double-click the SUPERAntiSpyware icon on your desktop. •Click Preferences. Click the Statistics/Logs tab. •Under Scanner Logs, double-click SUPERAntiSpyware Scan Log. •It will open in your default text editor (preferably Notepad). •Save the notepad file to your desktop by clicking (in notepad) File > Save As... * Save the log somewhere you can easily find it. (normally the desktop) * Click close and close again to exit the program. *Copy and Paste the log in your post. ******************************************* Please download Malwarebytes Anti-Malware from here. Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and LAUNCH Malwarebytes Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Full Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note) Please save the log to a location you will remember. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy and paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. ******************************************************************** Download DDS from HERE or HERE and save it to your desktop. Vista users right click on dds and select Run as administrator** (you will receive a UAC prompt, please allow it) * XP users Double click on dds to run it. * If your antivirus or firewall try to block DDS then please allow it to run. * When finished DDS will open two (2) logs. * Save both reports to your desktop. * The instructions here ask you to attach the Attach.txt. 1) DDS.txt 2) Attach.txt Instead of attaching, please copy/past both logs into your Thread Note: DDS will instruct you to post the Attach.txt log as an attachment. Please just post it as you would any other log by copying and pasting it into the reply. •Close the program window, and delete the program from your desktop. Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt ) Thanks. This is the SUPERAntiSpyware Scan Log SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 02/26/2012 at 04:52 PM Application Version : 5.0.1144 Core RULES Database Version : 8279 Trace Rules Database Version: 6091 Scan type : Complete Scan Total Scan Time : 09:59:07 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 576 Memory threats detected : 0 Registry items scanned : 66358 Registry threats detected : 4 File items scanned : 261118 File threats detected : 556 Browser Hijacker.Deskbar (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32 (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version Adware.Tracking Cookie C:\Users\marina\AppData\Roaming\Microsoft\Windows\Cookies\YVRJ2FYS.txt [ /c.atdmt.com ] C:\Users\marina\AppData\Roaming\Microsoft\Windows\Cookies\V5NB1UG9.txt [ /mywebsearch.com ] C:\Users\marina\AppData\Roaming\Microsoft\Windows\Cookies\CT0ZAN1V.txt [ /atdmt.com ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\1I6Y6E7X.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\WA530UF2.txt [ Cookie:[email protected]/adServe/banners ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\H48NWYV4.txt [ Cookie:[email protected]/cgi-bin ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWOTI6EC.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZJYAWTEW.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\YEP7UH7S.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\XES36DXK.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JAILEL10.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\TM2QR2BS.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\Cookies\YVRJ2FYS.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\Cookies\V5NB1UG9.txt [ Cookie:[email protected]/ ] C:\USERS\MARINA\Cookies\CT0ZAN1V.txt [ Cookie:[email protected]/ ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaplex.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] rotator.adjuggler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] rotator.adjuggler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] rotator.adjuggler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .specificclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adviva.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adxvalue.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .fastclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adinterax.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zanox.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.zanox.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ar.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tribalfusion.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pro-market.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adxpose.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .wpni.112.2o7.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] statse.webtrendslive.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .chitika.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mm.chitika.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtech.de [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .lucidmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .yieldmanager.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adinterax.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .questionmarket.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] server.adformdsp.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adformdsp.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .bs.serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .247realmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.audience2media.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.audience2media.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .audience2media.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .247realmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .247realmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaplex.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.insightexpressai.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] cdn2.baronsmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] cloud.video.unrulymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] cloudfront.mediamatters.org [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] content.oddcast.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] content.yieldmanager.edgesuite.net [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] ds.serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] ec.atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] ia.media-imdb.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media.buto.tv [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media.kyte.tv [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media.mtvnservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media.npr.org [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media.scanscout.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media.socialvibe.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media1.break.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] media3.break.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] msnbcmedia.msn.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] s0.2mdn.net [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] secure-uk.imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] secure-us.imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] spe.atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] stat.easydate.biz [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] tracking.onefeed.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] www.99counters.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] www.al-anon.alateen.org [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .getclicky.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .static.getclicky.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] in.getclicky.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] track.solocpm.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] track.solocpm.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] track.solocpm.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adviva.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] eas4.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .indoormedia.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] max.bannermanager.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] openx1.overadmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mjtracking.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mjtracking.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] islamicinsights.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .islamicinsights.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .islamicinsights.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .richmedia.yahoo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .apmebf.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .apmebf.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mediafire.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mediafire.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mediafire.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] server.adformdsp.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adformdsp.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] stats.e-go.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] Blocked Russian URL [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .game-advertising-online.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] track.adform.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adform.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] vidasco.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] vidasco.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adinterax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adinterax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] uk.sitestat.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] uk.sitestat.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .harrenmedianetwork.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .fastclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .fastclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ad-emea.doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ad-emea.doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .www.cdmediallc.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] statse.webtrendslive.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] tracking.hostgator.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ox.mediabistro.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .find-me-a-gift.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .find-me-a-gift.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .e-2dj6wjlyundpgeo.stats.esomniture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] wstat.wibiya.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .yieldmanager.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .tripod.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .tripod.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] leads.383media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] leads.383media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mm.chitika.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .service.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .service.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ads.audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ads.audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] findnsave.sacbee.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .c.gigcount.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .247realmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .247realmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .247realmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] doublespeed.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] doublespeed.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] help.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] help.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] my.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] dc.tremormedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .womanmediagroup.es [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .zanox.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adxpose.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ads.saymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ads.saymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] clickztrax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] clickztrax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .clicksor.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .clicksor.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www4.smartadserver.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .unrulymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .technoratimedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .lucidmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] publishers.clickbooth.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad2.adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .specificclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .revenuemantra.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .xm.xtendmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] accounts.youtube.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .pro-market.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .overture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .overture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .perf.overture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] network.clickbanner.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .kantarmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .kantarmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .files.bannersnack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .files.bannersnack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .a1.interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .a1.interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ru4.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .ru4.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] Blocked Russian URL [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] Blocked Russian URL [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adtechus.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adserver.adtechus.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .www.burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] www.burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .hearstmagazines.112.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .wpni.112.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .highbeam.122.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .112.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .opodo.122.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .traveladvertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .traveladvertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .tribalfusion.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .adinterax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ] Malwarebytes Anti-Malware (Trial) 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.26.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 marina :: SAMMADHITTI [administrator] Protection: Enabled 26/02/2012 17:54:58 mbam-log-2012-02-26 (17-54-58).txt Scan type: Full scan Scan options enabled: Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken \| PUP \| PUM Scan options disabled: P2P Objects scanned: 535028 Time elapsed: 5 hour(s), 8 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\Program Files (x86)\27res.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Users\marina\AppData\LocalLow\OurBabyMaker_27EI\Installr\Cache\023EC878.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully. (end) I will need to see the DDS logs; both of them.Thanks. Here is the first (the DDS) . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by marina at 3:49:45 on 2012-02-27 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3999.1335 [GMT 0:00] . AV: Norton Internet Security Enabled/Updated {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender Disabled/Outdated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security Enabled/Updated {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security Enabled {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Windows\SysWOW64\svchost.exe -k Akamai C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Windows\System32\StikyNot.exe C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\marina\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\SecureW2\sw2_tray.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE C:\Users\marina\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe C:\Program Files (x86)\real\realplayer\Update\realsched.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\NOTEPAD.EXE Q:\140062.enu\Office14\ONENOTEM.EXE C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\splwow64.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Q:\140062.enu\Office14\WINWORD.EXE C:\Windows\system32\svchost.exe -k defragsvc C:\Windows\system32\taskeng.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://start.facemoods.com/?a=axl uInternet Settings,ProxyOverride = 127.0.0.1:9421;.local mSearchAssistant = hxxp://start.facemoods.com/?a=axl&s={searchTerms}&f=4 BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.5.2\PriceGongIE.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\IPS\IPSBHO.DLL BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: TBLA06779 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll TB: ListenArabic Toolbar: {f569cf08-edf6-4fab-8c8a-eec184358372} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll TB: C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe uRun: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized uRun: [Akamai NetSession Interface] "C:\Users\marina\AppData\Local\Akamai\netsession_win.exe" mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I mRun: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [] mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BBCIPL~1.LNK - StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FLIPTO~1.LNK - C:\Program Files (x86)\Fliptoast\fliptoast.exe StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: HideFastUserSwitching = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{6BA18F65-FA7D-4561-B466-FF1BDBAC958E} : DhcpNameServer = 193.63.73.32 TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B} : DhcpNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\249627B6265636B6D27514D4 : DhcpNameServer = 193.61.1.250 TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\24F646C6569616E6D2C49626271627965637 : DhcpNameServer = 163.1.2.1 129.67.1.1 129.67.1.180 TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\36F6374716 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\478656169627C696E656 : DhcpNameServer = 10.81.93.254 10.81.93.254 TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\9435D434D214B455 : DhcpNameServer = 217.13.1.28 83.218.143.36 TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\B49405F4350234146454 : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.2\PriceGongIE.dll BHO-X64: PriceGong - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll BHO-X64: Babylon toolbar helper - No File BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll BHO-X64: Norton Identity Protection - No File BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll BHO-X64: facemoods Helper - No File BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\IPS\IPSBHO.DLL BHO-X64: Norton Vulnerability Protection - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: TBLA06779 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll BHO-X64: TBLA06779 - No File TB-X64: ListenArabic Toolbar: {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll TB-X64: C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun-x64: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun-x64: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I mRun-x64: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\2y9b2iki.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.soas.ac.uk/ FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=2&q= FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.type - 4 FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\marina\AppData\Roaming\Move Networks\plugins\npqmp071700000016.dll FF - plugin: C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\2y9b2iki.default\extensions\[email protected]\plugins\NPLoaderFF.dll FF - plugin: C:\Users\marina\AppData\Roaming\Mozilla\plugins\np-mswmp.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true . ============= SERVICES / DRIVERS =============== . R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys --> C:\Windows\system32\DRIVERS\NBVol.sys [?] R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys --> C:\Windows\system32\DRIVERS\NBVolUp.sys [?] R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1305000.091\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1305000.091\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1305000.091\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1305000.091\SYMEFA64.SYS [?] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-2-16 1157240] R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1305000.091\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1305000.091\ccSetx64.sys [?] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120224.002\IDSviA64.sys [2012-2-24 488568] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1305000.091\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1305000.091\Ironx64.SYS [?] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1305000.091\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1305000.091\SYMNETS.SYS [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-6-30 89600] R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-13 20992] R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-5-4 652360] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-9-23 641832] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccsvchst.exe [2012-1-31 138248] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2011-10-12 4700824] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-11-7 227896] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-7 138360] R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-31 136176] S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-31 136176] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] . =============== Created Last 30 ================ . 2012-02-26 17:00:58 -------- d-----w- C:\Users\marina\AppData\Local\{D99E6408-6589-41E0-BA0D-B098D5082C64} 2012-02-26 17:00:30 -------- d-----w- C:\Users\marina\AppData\Local\{017CAE32-ABCB-4464-B7BD-71CF6398EBC9} 2012-02-26 06:42:25 -------- d-----w- C:\Users\marina\AppData\Roaming\SUPERAntiSpyware.com 2012-02-26 06:41:56 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-02-26 06:41:55 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-02-26 00:32:43 -------- d-----w- C:\Users\marina\AppData\Local\{7B3394B8-F42F-43EC-B37C-0808475E0F16} 2012-02-26 00:32:16 -------- d-----w- C:\Users\marina\AppData\Local\{9A0DD797-9B50-4819-A68C-C6B440A483E8} 2012-02-23 08:39:58 -------- d-----w- C:\Users\marina\AppData\Local\{B43DA613-BCA4-40B9-AD3B-188ABD753A68} 2012-02-23 08:39:42 -------- d-----w- C:\Users\marina\AppData\Local\{D4045162-63B9-4EE8-B67B-8A5461CFD840} 2012-02-22 12:39:28 -------- d-----w- C:\Users\marina\AppData\Local\{97F142C7-5B8D-4A3E-A2A5-F3E075451A80} 2012-02-22 12:39:12 -------- d-----w- C:\Users\marina\AppData\Local\{BA3EEA9B-68BC-4BF4-9CF2-5A6ACEE01010} 2012-02-21 22:08:25 -------- d-----w- C:\Users\marina\AppData\Local\{1AB97308-BA12-4912-B470-90ACD4BF5D01} 2012-02-21 22:08:24 -------- d-----w- C:\Users\marina\AppData\Local\{C5C365A5-EFDF-4565-B8BC-CC390EF098B3} 2012-02-21 10:07:54 -------- d-----w- C:\Users\marina\AppData\Local\{12C36157-1412-492B-B45A-CE97FC6F213D} 2012-02-20 22:07:14 -------- d-----w- C:\Users\marina\AppData\Local\{4E76EBDC-2BA3-485B-ADA7-9850A2986377} 2012-02-20 10:06:37 -------- d-----w- C:\Users\marina\AppData\Local\{D2663F44-A3B5-49E7-A18C-4584E6E55E7C} 2012-02-20 10:06:26 -------- d-----w- C:\Users\marina\AppData\Local\{8E61D92A-2012-4E61-92B0-36ED0DD0551B} 2012-02-20 10:06:14 -------- d-----w- C:\Users\marina\AppData\Local\{C41EBCCA-1024-4F31-A7DE-4182EA5AEE21} 2012-02-19 22:05:36 -------- d-----w- C:\Users\marina\AppData\Local\{D596DBB8-6166-4F26-A3CC-97BA84205D87} 2012-02-19 10:04:58 -------- d-----w- C:\Users\marina\AppData\Local\{CE09F457-4120-4A65-A4CA-1330AD011899} 2012-02-19 10:04:35 -------- d-----w- C:\Users\marina\AppData\Local\{587E0FB2-D6A6-4338-A830-DA39D588B73A} 2012-02-18 22:04:06 -------- d-----w- C:\Users\marina\AppData\Local\{BD466FBC-807A-4DD3-9FEE-011813B72995} 2012-02-18 22:03:43 -------- d-----w- C:\Users\marina\AppData\Local\{2618F9A5-29EA-4A4D-84C0-E1567B27660E} 2012-02-18 10:02:48 -------- d-----w- C:\Users\marina\AppData\Local\{126B6BC5-CA38-4B1B-93A4-963E230286A2} 2012-02-18 10:02:33 -------- d-----w- C:\Users\marina\AppData\Local\{AC00071A-AF7F-4B73-9953-97B1F8E36CDF} 2012-02-17 20:43:15 -------- d-----w- C:\Users\marina\AppData\Local\{C3ECA418-0C05-4FF2-8E0D-B129A50FC09B} 2012-02-17 08:42:38 -------- d-----w- C:\Users\marina\AppData\Local\{C3ADA18E-767E-43C9-A061-A2358AEE4C9E} 2012-02-16 20:36:22 -------- d-----w- C:\Users\marina\AppData\Local\{924BA057-6F9B-4A3A-A8B1-4D8C90EE447B} 2012-02-16 20:35:59 -------- d-----w- C:\Users\marina\AppData\Local\{4F9BB7C1-12ED-44B3-B6F0-DE4000F0CB80} 2012-02-16 08:35:11 -------- d-----w- C:\Users\marina\AppData\Local\{77C03757-398F-4C92-944D-7A8BE2F52026} 2012-02-16 08:34:57 -------- d-----w- C:\Users\marina\AppData\Local\{052B150C-50F3-4941-B5FE-72B1518C4B10} 2012-02-15 12:20:37 -------- d-----w- C:\Users\marina\AppData\Local\{74F3AED9-B0F5-4602-B279-BCDAD2BC8E48} 2012-02-15 08:30:29 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-15 08:30:29 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-15 08:30:28 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-15 08:30:28 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-15 08:30:27 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-15 08:30:25 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-15 08:30:21 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-15 08:30:21 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-02-15 00:19:59 -------- d-----w- C:\Users\marina\AppData\Local\{3BB23024-0975-41F4-984D-02144E1C502E} 2012-02-14 12:19:20 -------- d-----w- C:\Users\marina\AppData\Local\{B724E541-12D0-4293-9234-3F8811FA1436} 2012-02-14 07:24:00 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} 2012-02-14 00:18:20 -------- d-----w- C:\Users\marina\AppData\Local\{D70CBE41-0C86-4C65-B9B0-90EBB3656462} 2012-02-14 00:17:51 -------- d-----w- C:\Users\marina\AppData\Local\{2DF0ACF9-7C36-4BFC-AB1A-F50144FD263A} 2012-02-13 18:22:30 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll 2012-02-13 12:17:20 -------- d-----w- C:\Users\marina\AppData\Local\{78709EDC-D9DF-4FAA-B978-4F0C8EECA182} 2012-02-12 23:46:13 -------- d-----w- C:\Users\marina\AppData\Local\{01E5DAFD-20A9-41A8-8CEB-39D71ADEB301} 2012-02-12 11:45:25 -------- d-----w- C:\Users\marina\AppData\Local\{0DBEC31D-3AD8-4ACF-9125-35026BEEA5FF} 2012-02-11 23:44:44 -------- d-----w- C:\Users\marina\AppData\Local\{03A3DD3A-381D-4766-B47F-963AC65A6073} 2012-02-11 11:44:06 -------- d-----w- C:\Users\marina\AppData\Local\{05DAA6DF-7F93-4CFF-9738-2CA0C9D0F4F1} 2012-02-10 23:43:28 -------- d-----w- C:\Users\marina\AppData\Local\{995C33D3-81ED-4CE6-BDD1-808493D106FE} 2012-02-10 11:42:50 -------- d-----w- C:\Users\marina\AppData\Local\{4AE3DEC7-9062-4007-A279-B66B3E8730FF} 2012-02-10 11:42:27 -------- d-----w- C:\Users\marina\AppData\Local\{3A212164-740A-4E05-917B-A7911CB7F5B3} 2012-02-09 23:41:58 -------- d-----w- C:\Users\marina\AppData\Local\{D0F2561A-ABB6-49FE-AD44-CCFEE1776D1E} 2012-02-09 23:41:35 -------- d-----w- C:\Users\marina\AppData\Local\{820FF5C9-CAD9-4878-916E-9A9693222499} 2012-02-09 11:41:03 -------- d-----w- C:\Users\marina\AppData\Local\{46BB1FD4-FA32-4874-8611-9F03C8ADD4B1} 2012-02-09 11:40:48 -------- d-----w- C:\Users\marina\AppData\Local\{522FD6FD-35B5-4EFA-8956-3EDBF4FC889B} 2012-02-08 23:20:59 -------- d-----w- C:\Users\marina\AppData\Local\{A1515CB7-60EC-4EBE-B810-ACDC8335B1C4} 2012-02-08 11:20:20 -------- d-----w- C:\Users\marina\AppData\Local\{F5B578C9-5CD3-4634-BD10-1748A17622E3} 2012-02-08 11:19:57 -------- d-----w- C:\Users\marina\AppData\Local\{844A91F3-4EAC-4F93-AB07-90FD02E213DC} 2012-02-07 23:19:39 -------- d-----w- C:\Users\marina\AppData\Local\{E311FC56-9106-431B-ABBF-541F55441850} 2012-02-07 23:19:38 -------- d-----w- C:\Users\marina\AppData\Local\{ED473BA8-D36B-4CC6-AF40-E7E825D5E9E0} 2012-02-07 11:14:57 -------- d-----w- C:\Users\marina\AppData\Local\{2F574A1E-401A-4DC7-8152-AFCB215E36BE} 2012-02-06 23:14:21 -------- d-----w- C:\Users\marina\AppData\Local\{F11D66AB-3D23-4C4F-AAE6-2CDE923A2BB4} 2012-02-06 11:13:56 -------- d-----w- C:\Users\marina\AppData\Local\{413950EE-612C-4232-9FE2-54DAD651D1BC} 2012-02-05 23:04:19 -------- d-----w- C:\Users\marina\AppData\Local\{EC815D95-A1D6-4FB4-8621-5720BC3965F3} 2012-02-05 11:03:53 -------- d-----w- C:\Users\marina\AppData\Local\{B4A3F3B2-0DEB-429E-A68B-21657163FA17} 2012-02-04 23:03:17 -------- d-----w- C:\Users\marina\AppData\Local\{72C8D4C3-737F-48F8-BBC9-C124517ABFEC} 2012-02-04 11:02:40 -------- d-----w- C:\Users\marina\AppData\Local\{21DED89F-1A40-4A58-A0E2-3C12C91921A8} 2012-02-03 23:02:02 -------- d-----w- C:\Users\marina\AppData\Local\{D9BB0D6C-88D8-4667-A835-8B12002AB044} 2012-02-03 11:01:25 -------- d-----w- C:\Users\marina\AppData\Local\{DAE1B859-76F7-49A2-B171-7F77C912D2DC} 2012-02-02 22:15:39 -------- d-----w- C:\Users\marina\AppData\Local\{A08348E7-39C5-4B5A-83F3-FE03786D12A3} 2012-02-02 10:17:37 -------- d-----w- C:\Program Files\iTunes 2012-02-02 10:14:57 -------- d-----w- C:\Users\marina\AppData\Local\{38D86300-CED2-4D9E-B700-48EE7B230496} 2012-02-02 10:14:31 -------- d-----w- C:\Users\marina\AppData\Local\{7ADF098C-749A-4355-BBB2-89940D6641E5} 2012-02-02 10:08:43 -------- d-----w- C:\Program Files\Bonjour 2012-02-02 10:08:43 -------- d-----w- C:\Program Files (x86)\Bonjour 2012-02-02 02:37:00 120368 ----a-w- C:\Windows\SysWow64\ezuninst.exe 2012-02-02 02:37:00 117808 ----a-w- C:\Windows\SysWow64\ezshellstart.exe 2012-02-01 22:14:01 -------- d-----w- C:\Users\marina\AppData\Local\{960D9650-F51E-4D72-BEFC-87632EED221A} 2012-02-01 10:13:20 -------- d-----w- C:\Users\marina\AppData\Local\{9DE140E0-297F-4FBD-A374-A23F604D51D3} 2012-02-01 10:12:56 -------- d-----w- C:\Users\marina\AppData\Local\{7B3F2776-4D10-4B94-A3A7-A66F73565F63} 2012-01-31 22:13:17 -------- d-----w- C:\Users\marina\AppData\Local\WiredRed 2012-01-31 22:12:37 -------- d-----w- C:\Users\marina\AppData\Local\{1C8565F4-D7F5-45C3-A854-ADBD047AF93D} 2012-01-31 22:12:36 -------- d-----w- C:\Users\marina\AppData\Local\{45514A8E-1666-445B-AB59-B94A6B1EEB21} 2012-01-31 12:52:20 738936 ----a-w- C:\Windows\System32\drivers\NISx64\1305000.091\srtsp64.sys 2012-01-31 12:52:20 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\symds64.sys 2012-01-31 12:52:20 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1305000.091\symnets.sys 2012-01-31 12:52:20 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1305000.091\srtspx64.sys 2012-01-31 12:52:20 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1305000.091\ironx64.sys 2012-01-31 12:52:20 1092728 ----a-w- C:\Windows\System32\drivers\NISx64\1305000.091\symefa64.sys 2012-01-31 12:52:19 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1305000.091\ccsetx64.sys 2012-01-31 12:52:04 -------- d-----w- C:\Windows\System32\drivers\NISx64\1305000.091 2012-01-31 10:12:09 -------- d-----w- C:\Users\marina\AppData\Local\{CE0C35F1-DC5D-4FA3-A1F5-2F652B6631D9} 2012-01-30 22:11:30 -------- d-----w- C:\Users\marina\AppData\Local\{DB1F1FBB-08BB-483D-BA17-96358785683C} 2012-01-30 10:10:54 -------- d-----w- C:\Users\marina\AppData\Local\{55263DC9-BDC6-40F4-9C9B-6B4998AF84A2} 2012-01-29 22:10:17 -------- d-----w- C:\Users\marina\AppData\Local\{2EF1D81D-ADE2-469F-84EC-EE9BD5A71825} 2012-01-29 10:09:41 -------- d-----w- C:\Users\marina\AppData\Local\{A1EB882C-65CE-403B-BB40-45048E796CB6} 2012-01-28 21:26:45 -------- d-----w- C:\Users\marina\AppData\Local\{E4CC6B2D-86DD-4570-9292-89EAB488CFFD} 2012-01-28 09:26:09 -------- d-----w- C:\Users\marina\AppData\Local\{66588035-62A9-4C49-970B-F5D68FD54D62} . ==================== Find3M ==================== . 2012-02-25 21:15:15 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-02-07 11:43:54 60 ----a-w- C:\Windows\wpd99.drv 2012-01-31 12:52:30 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2012-01-22 21:13:10 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-12-10 15:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-12-01 08:18:06 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2011-12-01 08:18:06 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll . ============= FINISH: 3:50:48.48 =============== And the attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 01/04/2010 11:52:49 System Uptime: 27/02/2012 00:17:23 (3 hours ago) . Motherboard: Hewlett-Packard \| \| 3069 Processor: Pentium(R) Dual-Core CPU T4300 2.10GHz \| CPU \| 2100/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 161.411 GiB free. D: is FIXED (NTFS) - 12 GiB total, 2.048 GiB free. E: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP229: 13/02/2012 18:20:55 - Installed Java(TM) 6 Update 30 RP230: 14/02/2012 07:24:16 - Installed HP Support Assistant RP231: 14/02/2012 07:28:34 - Windows Modules Installer RP232: 14/02/2012 07:29:44 - Windows Modules Installer RP233: 14/02/2012 18:08:47 - HPSF Applying updates RP234: 16/02/2012 08:35:27 - Windows Update RP235: 16/02/2012 16:30:43 - Windows Update RP236: 18/02/2012 16:48:22 - Windows Update RP237: 25/02/2012 21:02:52 - Installed Java(TM) 6 Update 31 . ==== Installed Programs ====================== . 7-Zip 9.20 Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.2) Adobe Shockwave Player Akamai NetSession Interface Akamai NetSession Interface Service Apple Application Support Apple Software Update Babylon toolbar on IE BBC iPlayer Desktop Bing Bar Bing Bar Platform Camera Access Library Camera Support Core Library Camera Window DS Camera Window DVC Camera Window MC Canon Camera Access Library Canon Camera Support Core Library Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window DSLR 5 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX CANON iMAGE GATEWAY Task CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon PhotoRecord Canon RAW Image Task for ZoomBrowser EX Canon Utilities PhotoStitch 3.1 Canon ZoomBrowser EX (E) Compatibility Pack for the 2007 Office system CyberLink DVD Suite CyberLink MediaShow CyberLink PowerDVD 8 CyberLink YouCam D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dropbox Dudeism.com Relaxer Easy Burner EndNote ERUNT 1.1j ESET Online Scanner v3 Facemoods Toolbar FreeMind FYZip 1.00 GamePlayLabs Plugin Google Chrome Google Update Helper Hewlett-Packard ACLM.NET v1.1.2.0 High-Definition Video Playback HP Advisor HP Customer Experience Enhancements HP Games HP Quick Launch Buttons HP Setup HP Support Assistant HP Update HP User Guides 0148 HP Wireless Assistant Huawei modem IDT Audio Internet Library ISI ResearchSoft - Export Helper Java Auto Updater Java(TM) 6 Update 31 Junk Mail filter update KeePass Password Safe 1.19b LabelPrint LightScribe System Software ListenArabic Toolbar Magic Desktop Malwarebytes Anti-Malware version 1.60.1.1000 McAfee Security Scan Plus Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 - English Microsoft Office Home and Student 2010 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2010 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Moozy Move Media Player MovieEdit Task Mozilla Firefox 10.0.2 (x86 en-US) MSVCRT MSVCRT_amd64 muvee Reveal Nero 11 Nero 11 Disc Menus Basic Nero 11 Effects Basic Nero 11 Image Samples Nero 11 Kwik Themes Basic Nero 11 PiP Effects Basic Nero Audio Pack 1 Nero BackItUp 11 Nero BackItUp 11 Help (CHM) Nero Burning ROM 11 Nero Burning ROM 11 Help (CHM) Nero ControlCenter 11 Nero ControlCenter 11 Help (CHM) Nero Core Components 11 Nero CoverDesigner 11 Nero CoverDesigner 11 Help (CHM) Nero Express 11 Nero Express 11 Help (CHM) Nero Kwik Media Nero Kwik Media Help (CHM) Nero Recode 11 Nero Recode 11 Help (CHM) Nero RescueAgent 11 Nero RescueAgent 11 Help (CHM) Nero SoundTrax 11 Nero SoundTrax 11 Help (CHM) Nero Update Nero Video 11 Nero Video 11 Help (CHM) Nero WaveEditor 11 Nero WaveEditor 11 Help (CHM) nero.prerequisites.msi Norton Internet Security Norton Online Backup Pdf995 PhotoStitch Power2Go PowerDirector PriceGong 2.5.2 QLBCASL QuickTime RAW Image Task 2.2 RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek 8136 8168 8169 Ethernet Driver Realtek USB 2.0 Card Reader RealUpgrade 1.1 Recovery Manager Safari SecureW2 Enterprise Client 3.4.6 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition Signature995 Skype™ 5.5 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Veoh Giraffic Video Accelerator Veoh Web Player welcome Windows iLivid Toolbar Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WOT for Internet Explorer . ==== Event Viewer Messages From Past Week ======== . 27/02/2012 03:44:51, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service. 26/02/2012 23:18:35, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 26/02/2012 23:13:58, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect. 26/02/2012 23:13:58, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 26/02/2012 06:05:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. 26/02/2012 06:04:54, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service. 26/02/2012 00:31:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect. 26/02/2012 00:31:37, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 26/02/2012 00:27:43, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 26/02/2012 00:27:40, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect. 26/02/2012 00:27:40, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 24/02/2012 09:46:38, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 24/02/2012 04:25:31, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service. 24/02/2012 04:25:31, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File =========================== One thing that might be of significance is that I did not disable Norton Internet security while I was running the DDSs. If you think this will affect the result please let me know and I will do it again with the Norton disabled Download OTL to your desktop. Open OTL * Copy and Paste the following text in the codebox into the Custom Scans/Fixes window. Code: [Select]:OTL BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.5.2\PriceGongIE.dll BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I BHO-X64: PriceGong - No File BHO-X64: AcroIEHelperStub - No File BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll BHO-X64: Babylon toolbar helper - No File BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll BHO-X64: facemoods Helper - No File BHO-X64: Search Helper - No File BHO-X64: URLRedirectionBHO - No File BHO-X64: TBLA06779 - No File TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll mRun-x64: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I :folders C:\Program Files (x86)\PriceGong C:\Program Files (x86)\BabylonToolbar\BabylonToolbar C:\Program Files (x86)\facemoods.com\facemoods :COMMANDS [resethosts] [purity] [start explorer] * Click Run Fix * OTLI2 may ask to reboot the machine. Please do so if asked. * Click OK * A report will open. Copy and Paste that report in your next reply. ********************************************************** Download Combofix from any of the links below, and save it to your desktop. Link 1 Link 2 Link 3 To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure. Close any open windows and double click ComboFix.exe to run it. You will see the following image: Click I Agree to start the program. ComboFix will then extract the necessary files and you will see this: As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7 It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. If you did not have it installed, you will see the prompt below. Choose YES. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt). Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so. Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.Still problem with the script. While I was trying to talk on Skype the following appeared A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete. Script: http://mail.yimg.com/zz/combo?nq/3909/yui/yui-min.js&nq/3909/oop/oop-min.js&nq/3909/dom/dom-min.js&nq/3909/event/event-min.js&nq/3909/event-custom/event-custom-min.js&nq/3909/base/base-base-min.js&nq/3909/plugin/plugin-min.js&nq/3909/pluginhost/pluginhost-min.js&nq/3909/node/node-min.js&nq/3909/attribute/attribute-min.js&nq/3909/json/json-min.js&nq/3909/intl/intl-min.js&nq/3909/datatype/lang/datatype-date.js&nq/3909/datatype/datatype-date-min.js&nq/3909/datatype/datatype-xml-min.js&nq/3909/cookie/cookie-min.js&nq/3909/async-queue/async-queue-min.js&nq/3909/collection/array-extras-min.js&nq/3909/querystring/querystring-parse-simple-min.js&nq/3909/querystring/querystring-stringify-simple-min.js&nq/3909/loader/loader-min.js:13OTL did not ask me to reboot. This is the log. Is there something wrong? I will try to do it once again ========== OTL ========== Error: Unable to interpret <:folders> in the current context! Error: Unable to interpret in the current context! Error: Unable to interpret in the current context! Error: Unable to interpret in the current context! ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.33.2 log created on 02272012_224127 I tried again. Same message. Hope is fineThat's ok. Please uninstall these programs Babylon toolbar on IE Facemoods Toolbar PriceGong 2.5.2 They are malicious. Then, please proceed with ComboFix. Thanks. I deleted the programs you told me and run ComboFix (it took several attempts, quite some time and a reboot) When I tried to open any of the different browsers so that I could send you the log the following message appeared "c:\Program Files (x86) Mozilla Firefox/firefox.exe Illegal Operation attempted on a registry item that has been marked to delete" The same with IE and Google Chrone Fortunately it worked OK after another reboot but I just thought I will tell you anyway Also: while I have been trying to write this the following message appeared "A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete. Script: http://d3lvr7yuk4uaui.cloudfront.net/items/it/js/itn.js:46" I get those messages daily sometimes several times. I am tired of them. Any suggestions as to what to do?And the Combo Fix log ComboFix 12-02-27.02 - marina 28/02/2012 20:50:35.10.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3999.1950 [GMT 0:00] Running from: c:\users\marina\Desktop\ComboFix.exe AV: Norton Internet Security Disabled/Updated {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security Disabled {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security Enabled/Updated {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender Disabled/Outdated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\boost_interprocess\20120228140443.359599 c:\programdata\boost_interprocess\20120228140443.359599\Nobu64AgentService c:\programdata\boost_interprocess\20120228140443.359599\Nobu64TrayIcon . . ((((((((((((((((((((((((( Files Created from 2012-01-28 to 2012-02-28 ))))))))))))))))))))))))))))))) . . 2012-02-28 21:18 . 2012-02-28 21:18 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-02-28 21:18 . 2012-02-28 21:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-27 22:41 . 2012-02-27 22:41 -------- d-----w- C:\_OTL 2012-02-26 06:42 . 2012-02-26 06:42 -------- d-----w- c:\users\marina\AppData\Roaming\SUPERAntiSpyware.com 2012-02-26 06:41 . 2012-02-26 06:44 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-02-26 06:41 . 2012-02-26 06:41 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-02-25 21:17 . 2012-02-25 21:17 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-02-15 08:30 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-15 08:30 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-15 08:30 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-15 08:30 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-15 08:30 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 08:30 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 08:30 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 08:30 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-14 07:24 . 2012-02-14 07:24 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} 2012-02-13 18:22 . 2012-02-25 21:15 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll 2012-02-02 10:12 . 2012-02-02 10:12 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll 2012-02-02 10:08 . 2012-02-02 10:08 -------- d-----w- c:\program files\Bonjour 2012-02-02 10:08 . 2012-02-02 10:08 -------- d-----w- c:\program files (x86)\Bonjour 2012-02-02 02:37 . 2012-02-02 02:37 120368 ----a-w- c:\windows\SysWow64\ezuninst.exe 2012-02-02 02:37 . 2012-02-02 02:37 117808 ----a-w- c:\windows\SysWow64\ezshellstart.exe 2012-01-31 22:13 . 2012-02-22 20:20 -------- d-----w- c:\users\marina\AppData\Local\WiredRed 2012-01-31 12:52 . 2012-02-01 00:44 -------- d-----w- c:\windows\system32\drivers\NISx64\1305000.091 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-25 21:15 . 2010-05-02 11:55 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-01-31 12:52 . 2011-05-12 15:12 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2012-01-22 21:13 . 2011-06-12 05:22 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-12-10 15:24 . 2011-05-04 13:55 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-01 08:18 . 2011-12-01 08:18 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-12-01 08:18 . 2011-12-01 08:18 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{F569CF08-EDF6-4FAB-8C8A-EEC184358372}"= "c:\program files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll" [2009-06-02 2695168] . [HKEY_CLASSES_ROOT\clsid\{f569cf08-edf6-4fab-8c8a-eec184358372}] [HKEY_CLASSES_ROOT\TBLA06779.TBLA06779.3] [HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] [HKEY_CLASSES_ROOT\TBLA06779.TBLA06779] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] ="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] ="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] ="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] ="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144] "VeohPlugin"="c:\program files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2011-08-25 2816328] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304] "Akamai NetSession Interface"="c:\users\marina\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792] "SecureW2 Tray"="c:\program files (x86)\SecureW2\sw2_tray.exe" [2010-07-28 200584] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000] "TkBellExe"="c:\program files (x86)\real\realplayer\update\realsched.exe" [2011-12-01 296056] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-31 460872] . c:\users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ BBC iPlayer Desktop.lnk - [N/A] Dropbox.lnk - c:\users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216] ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912] fliptoast.lnk - c:\program files (x86)\Fliptoast\fliptoast.exe [N/A] OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE [2012-1-4 3208032] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] ="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] ="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 136176] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 136176] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1305000.091\SYMDS64.SYS S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1305000.091\SYMEFA64.SYS S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-02-07 1157240] S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1305000.091\ccSetx64.sys S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120225.004\IDSvia64.sys [2011-12-15 488568] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1305000.091\Ironx64.SYS S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1305000.091\SYMNETS.SYS S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2010-06-30 89600] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136] S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2012-01-22 2230416] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-31 652360] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832] S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe [2011-11-30 138248] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-07 138360] S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 11:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 15:52] . 2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 15:52] . 2012-02-26 c:\windows\Tasks\HPCeeScheduleFormarina.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] ="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] ="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] ="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] ="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-10 165912] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-10 387608] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-10 365592] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-30 487424] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.alwaraq.net/Core/index.jsp?option=1 uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421;.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {{F569CF08-EDF6-4FAB-8C8A-EEC184358372} - {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - c:\program files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll TCP: DhcpNameServer = 193.63.73.32 FF - ProfilePath - c:\users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\2y9b2iki.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.soas.ac.uk/ FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=2&q= FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.type - 4 FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe Toolbar-10 - (no file) WebBrowser-{F569CF08-EDF6-4FAB-8C8A-EEC184358372} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe AddRemove-Searchqu 406 MediaBar - c:\program files (x86)\Windows iLivid Toolbar\uninstall.exe AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] Denied: (A 2) (Everyone) ="FlashBroker" "LocalizedString"="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] ="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] ="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] Denied: (A 2) (Everyone) ="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] ="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] ="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] ="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] ="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] ="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] ="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] ="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] Denied: (A 2) (Everyone) ="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] ="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] ="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] ="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] ="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] ="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] ="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] Denied: (A 2) (Everyone) ="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] ="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] ="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\Giraffic\Veoh_Giraffic.exe c:\program files (x86)\Canon\CAL\CALMAIN.exe . ************************************************************************* . Completion time: 2012-02-28 21:33:45 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-28 21:33 . Pre-Run: 174,577,553,408 bytes free Post-Run: 177,564,450,816 bytes free . - - End Of File - - FE017AF54B38363089461AA075AD570E

Answer»

Hi! My laptop is becoming increasingly slow as if there is a virus. Firefox keeps asking me whether I can to stop a script, GOOGLE chrom says about a PLUGIN that has crashed but in general sometimes I think it has frozen all together.

I just for that on a screen a while ago

resource:///components/nsSessionStore.js:402

Any idea as to what it is and above all what I can do for my computer to run properly?

thanks,
Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and TRANSFER any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
•Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and LAUNCH Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
************************************************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.

1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )
Thanks. This is the SUPERAntiSpyware Scan Log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/26/2012 at 04:52 PM

Application Version : 5.0.1144

Core RULES Database Version : 8279
Trace Rules Database Version: 6091

Scan type : Complete Scan
Total Scan Time : 09:59:07

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 576
Memory threats detected : 0
Registry items scanned : 66358
Registry threats detected : 4
File items scanned : 261118
File threats detected : 556

Browser Hijacker.Deskbar
   (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
   (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
   (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
   (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Adware.Tracking Cookie
   C:\Users\marina\AppData\Roaming\Microsoft\Windows\Cookies\YVRJ2FYS.txt [ /c.atdmt.com ]
   C:\Users\marina\AppData\Roaming\Microsoft\Windows\Cookies\V5NB1UG9.txt [ /mywebsearch.com ]
   C:\Users\marina\AppData\Roaming\Microsoft\Windows\Cookies\CT0ZAN1V.txt [ /atdmt.com ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\1I6Y6E7X.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\WA530UF2.txt [ Cookie:[email protected]/adServe/banners ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\H48NWYV4.txt [ Cookie:[email protected]/cgi-bin ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWOTI6EC.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZJYAWTEW.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\YEP7UH7S.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\XES36DXK.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JAILEL10.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\TM2QR2BS.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\Cookies\YVRJ2FYS.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\Cookies\V5NB1UG9.txt [ Cookie:[email protected]/ ]
   C:\USERS\MARINA\Cookies\CT0ZAN1V.txt [ Cookie:[email protected]/ ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .imrworldwide.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .imrworldwide.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .apmebf.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .mediaplex.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   rotator.adjuggler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   rotator.adjuggler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   rotator.adjuggler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   track.adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .specificclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adviva.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .doubleclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .apmebf.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adxvalue.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .fastclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adinterax.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zanox.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.zanox.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tradedoubler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tradedoubler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tradedoubler.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ar.atwola.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tribalfusion.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adxpose.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .wpni.112.2o7.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   statse.webtrendslive.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .chitika.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .mm.chitika.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .histats.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .baa.solution.weborama.fr [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .histats.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .lucidmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .yieldmanager.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adinterax.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .questionmarket.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   accounts.google.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   server.adformdsp.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adformdsp.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .bs.serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   track.adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adform.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .247realmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ads.audience2media.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ads.audience2media.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .audience2media.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .doubleclick.net [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .247realmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .247realmedia.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .mediaplex.com [ C:\USERS\MARINA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.insightexpressai.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   cdn2.baronsmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   cloud.video.unrulymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   cloudfront.mediamatters.org [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   content.oddcast.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   content.yieldmanager.edgesuite.net [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   ds.serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   ec.atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   ia.media-imdb.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media.buto.tv [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media.kyte.tv [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media.mtvnservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media.npr.org [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media.scanscout.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media.socialvibe.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media1.break.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   media3.break.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   msnbcmedia.msn.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   s0.2mdn.net [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   secure-uk.imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   secure-us.imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   spe.atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   stat.easydate.biz [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   tracking.onefeed.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   www.99counters.com [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   www.al-anon.alateen.org [ C:\USERS\MARINA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3BXS5EM8 ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .getclicky.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .static.getclicky.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   in.getclicky.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   track.solocpm.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   track.solocpm.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   track.solocpm.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adviva.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   eas4.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .indoormedia.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   max.bannermanager.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .tradedoubler.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .tradedoubler.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .tradedoubler.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   openx1.overadmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   accounts.google.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mjtracking.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mjtracking.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   islamicinsights.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .islamicinsights.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .islamicinsights.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .richmedia.yahoo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .apmebf.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .apmebf.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mediafire.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mediafire.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mediafire.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   server.adformdsp.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adformdsp.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   stats.e-go.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   *Blocked Russian URL* [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .game-advertising-online.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   track.adform.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adform.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .statcounter.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   vidasco.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   vidasco.rotator.hadj7.adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adjuggler.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adinterax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adinterax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .amazon-adsystem.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .amazon-adsystem.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   uk.sitestat.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   uk.sitestat.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .harrenmedianetwork.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .fastclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .fastclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ad-emea.doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ad-emea.doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .doubleclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .www.cdmediallc.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   statse.webtrendslive.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   tracking.hostgator.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ox.mediabistro.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .find-me-a-gift.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .find-me-a-gift.co.uk [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .e-2dj6wjlyundpgeo.stats.esomniture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   wstat.wibiya.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .atdmt.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .yieldmanager.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .histats.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .histats.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .tripod.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .tripod.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   leads.383media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   leads.383media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mm.chitika.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .service.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .service.24media.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ads.audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ads.audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .audience2media.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   httptrack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .clickfuse.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .clickfuse.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .clickfuse.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   findnsave.sacbee.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .c.gigcount.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .247realmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .247realmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .247realmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   doublespeed.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   doublespeed.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   help.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   help.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   my.virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .virginmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revsci.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   dc.tremormedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .womanmediagroup.es [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.zanox.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .zanox.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adxpose.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ads.saymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ads.saymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   clickztrax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   clickztrax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .clicksor.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .clicksor.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .smartadserver.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www4.smartadserver.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .unrulymedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .eyewonder.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .eyewonder.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .technoratimedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .lucidmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   publishers.clickbooth.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .findaproperty.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad2.adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .specificclick.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .revenuemantra.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .xm.xtendmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .lfstmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .pro-market.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .overture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .overture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .perf.overture.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   network.clickbanner.gr [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .kantarmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .kantarmedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .files.bannersnack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .files.bannersnack.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adxvalue.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ru4.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .ru4.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mediaplex.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mediaplex.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   *Blocked Russian URL* [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   *Blocked Russian URL* [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adtechus.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adserver.adtechus.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .www.burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   www.burstnet.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .uk.at.atwola.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .bs.serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .hearstmagazines.112.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .wpni.112.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .highbeam.122.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .112.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .opodo.122.2o7.net [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .traveladvertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .traveladvertising.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .questionmarket.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .questionmarket.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   adfarm1.adition.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   eas.apm.emediate.eu [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .tribalfusion.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .adinterax.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .mediaplex.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\MARINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2Y9B2IKI.DEFAULT\COOKIES.SQLITE ]
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
marina :: SAMMADHITTI [administrator]

Protection: Enabled

26/02/2012 17:54:58
mbam-log-2012-02-26 (17-54-58).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 535028
Time elapsed: 5 hour(s), 8 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files (x86)\27res.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\marina\AppData\LocalLow\OurBabyMaker_27EI\Installr\Cache\023EC878.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

(end)
I will need to see the DDS logs; both of them.Thanks. Here is the first (the DDS)

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by marina at 3:49:45 on 2012-02-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3999.1335 [GMT 0:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\marina\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\SecureW2\sw2_tray.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Users\marina\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
Q:\140062.enu\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\splwow64.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Q:\140062.enu\Office14\WINWORD.EXE
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=axl
uInternet Settings,ProxyOverride = 127.0.0.1:9421;*.local
mSearchAssistant = hxxp://start.facemoods.com/?a=axl&s={searchTerms}&f=4
BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.5.2\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TBLA06779 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll
TB: ListenArabic Toolbar: {f569cf08-edf6-4fab-8c8a-eec184358372} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll
TB: C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Akamai NetSession Interface] "C:\Users\marina\AppData\Local\Akamai\netsession_win.exe"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
mRun: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: []
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BBCIPL~1.LNK -
StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FLIPTO~1.LNK - C:\Program Files (x86)\Fliptoast\fliptoast.exe
StartupFolder: C:\Users\marina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{6BA18F65-FA7D-4561-B466-FF1BDBAC958E} : DhcpNameServer = 193.63.73.32
TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B} : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\249627B6265636B6D27514D4 : DhcpNameServer = 193.61.1.250
TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\24F646C6569616E6D2C49626271627965637 : DhcpNameServer = 163.1.2.1 129.67.1.1 129.67.1.180
TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\36F6374716 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\478656169627C696E656 : DhcpNameServer = 10.81.93.254 10.81.93.254
TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\9435D434D214B455 : DhcpNameServer = 217.13.1.28 83.218.143.36
TCP: Interfaces\{B56D9987-1A01-4B59-AB71-BD1DFCE6B55B}\B49405F4350234146454 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.2\PriceGongIE.dll
BHO-X64: PriceGong - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
BHO-X64: Babylon toolbar helper - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
BHO-X64: facemoods Helper - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TBLA06779 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll
BHO-X64: TBLA06779 - No File
TB-X64: ListenArabic Toolbar: {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - C:\Program Files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll
TB-X64: C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll
TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll
TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
mRun-x64: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\2y9b2iki.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.soas.ac.uk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=2&q=
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\marina\AppData\Roaming\Move Networks\plugins\npqmp071700000016.dll
FF - plugin: C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\2y9b2iki.default\extensions\[email protected]\plugins\NPLoaderFF.dll
FF - plugin: C:\Users\marina\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys --> C:\Windows\system32\DRIVERS\NBVol.sys [?]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys --> C:\Windows\system32\DRIVERS\NBVolUp.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1305000.091\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1305000.091\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1305000.091\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1305000.091\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-2-16 1157240]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1305000.091\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1305000.091\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120224.002\IDSviA64.sys [2012-2-24 488568]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1305000.091\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1305000.091\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1305000.091\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1305000.091\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-6-30 89600]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-13 20992]
R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-5-4 652360]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-9-23 641832]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccsvchst.exe [2012-1-31 138248]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2011-10-12 4700824]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-11-7 227896]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-7 138360]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-31 136176]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-31 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-02-26 17:00:58   --------   d-----w-   C:\Users\marina\AppData\Local\{D99E6408-6589-41E0-BA0D-B098D5082C64}
2012-02-26 17:00:30   --------   d-----w-   C:\Users\marina\AppData\Local\{017CAE32-ABCB-4464-B7BD-71CF6398EBC9}
2012-02-26 06:42:25   --------   d-----w-   C:\Users\marina\AppData\Roaming\SUPERAntiSpyware.com
2012-02-26 06:41:56   --------   d-----w-   C:\Program Files\SUPERAntiSpyware
2012-02-26 06:41:55   --------   d-----w-   C:\ProgramData\SUPERAntiSpyware.com
2012-02-26 00:32:43   --------   d-----w-   C:\Users\marina\AppData\Local\{7B3394B8-F42F-43EC-B37C-0808475E0F16}
2012-02-26 00:32:16   --------   d-----w-   C:\Users\marina\AppData\Local\{9A0DD797-9B50-4819-A68C-C6B440A483E8}
2012-02-23 08:39:58   --------   d-----w-   C:\Users\marina\AppData\Local\{B43DA613-BCA4-40B9-AD3B-188ABD753A68}
2012-02-23 08:39:42   --------   d-----w-   C:\Users\marina\AppData\Local\{D4045162-63B9-4EE8-B67B-8A5461CFD840}
2012-02-22 12:39:28   --------   d-----w-   C:\Users\marina\AppData\Local\{97F142C7-5B8D-4A3E-A2A5-F3E075451A80}
2012-02-22 12:39:12   --------   d-----w-   C:\Users\marina\AppData\Local\{BA3EEA9B-68BC-4BF4-9CF2-5A6ACEE01010}
2012-02-21 22:08:25   --------   d-----w-   C:\Users\marina\AppData\Local\{1AB97308-BA12-4912-B470-90ACD4BF5D01}
2012-02-21 22:08:24   --------   d-----w-   C:\Users\marina\AppData\Local\{C5C365A5-EFDF-4565-B8BC-CC390EF098B3}
2012-02-21 10:07:54   --------   d-----w-   C:\Users\marina\AppData\Local\{12C36157-1412-492B-B45A-CE97FC6F213D}
2012-02-20 22:07:14   --------   d-----w-   C:\Users\marina\AppData\Local\{4E76EBDC-2BA3-485B-ADA7-9850A2986377}
2012-02-20 10:06:37   --------   d-----w-   C:\Users\marina\AppData\Local\{D2663F44-A3B5-49E7-A18C-4584E6E55E7C}
2012-02-20 10:06:26   --------   d-----w-   C:\Users\marina\AppData\Local\{8E61D92A-2012-4E61-92B0-36ED0DD0551B}
2012-02-20 10:06:14   --------   d-----w-   C:\Users\marina\AppData\Local\{C41EBCCA-1024-4F31-A7DE-4182EA5AEE21}
2012-02-19 22:05:36   --------   d-----w-   C:\Users\marina\AppData\Local\{D596DBB8-6166-4F26-A3CC-97BA84205D87}
2012-02-19 10:04:58   --------   d-----w-   C:\Users\marina\AppData\Local\{CE09F457-4120-4A65-A4CA-1330AD011899}
2012-02-19 10:04:35   --------   d-----w-   C:\Users\marina\AppData\Local\{587E0FB2-D6A6-4338-A830-DA39D588B73A}
2012-02-18 22:04:06   --------   d-----w-   C:\Users\marina\AppData\Local\{BD466FBC-807A-4DD3-9FEE-011813B72995}
2012-02-18 22:03:43   --------   d-----w-   C:\Users\marina\AppData\Local\{2618F9A5-29EA-4A4D-84C0-E1567B27660E}
2012-02-18 10:02:48   --------   d-----w-   C:\Users\marina\AppData\Local\{126B6BC5-CA38-4B1B-93A4-963E230286A2}
2012-02-18 10:02:33   --------   d-----w-   C:\Users\marina\AppData\Local\{AC00071A-AF7F-4B73-9953-97B1F8E36CDF}
2012-02-17 20:43:15   --------   d-----w-   C:\Users\marina\AppData\Local\{C3ECA418-0C05-4FF2-8E0D-B129A50FC09B}
2012-02-17 08:42:38   --------   d-----w-   C:\Users\marina\AppData\Local\{C3ADA18E-767E-43C9-A061-A2358AEE4C9E}
2012-02-16 20:36:22   --------   d-----w-   C:\Users\marina\AppData\Local\{924BA057-6F9B-4A3A-A8B1-4D8C90EE447B}
2012-02-16 20:35:59   --------   d-----w-   C:\Users\marina\AppData\Local\{4F9BB7C1-12ED-44B3-B6F0-DE4000F0CB80}
2012-02-16 08:35:11   --------   d-----w-   C:\Users\marina\AppData\Local\{77C03757-398F-4C92-944D-7A8BE2F52026}
2012-02-16 08:34:57   --------   d-----w-   C:\Users\marina\AppData\Local\{052B150C-50F3-4941-B5FE-72B1518C4B10}
2012-02-15 12:20:37   --------   d-----w-   C:\Users\marina\AppData\Local\{74F3AED9-B0F5-4602-B279-BCDAD2BC8E48}
2012-02-15 08:30:29   509952   ----a-w-   C:\Windows\System32\ntshrui.dll
2012-02-15 08:30:29   442880   ----a-w-   C:\Windows\SysWow64\ntshrui.dll
2012-02-15 08:30:28   515584   ----a-w-   C:\Windows\System32\timedate.cpl
2012-02-15 08:30:28   478720   ----a-w-   C:\Windows\SysWow64\timedate.cpl
2012-02-15 08:30:27   3145728   ----a-w-   C:\Windows\System32\win32k.sys
2012-02-15 08:30:25   498688   ----a-w-   C:\Windows\System32\drivers\afd.sys
2012-02-15 08:30:21   690688   ----a-w-   C:\Windows\SysWow64\msvcrt.dll
2012-02-15 08:30:21   634880   ----a-w-   C:\Windows\System32\msvcrt.dll
2012-02-15 00:19:59   --------   d-----w-   C:\Users\marina\AppData\Local\{3BB23024-0975-41F4-984D-02144E1C502E}
2012-02-14 12:19:20   --------   d-----w-   C:\Users\marina\AppData\Local\{B724E541-12D0-4293-9234-3F8811FA1436}
2012-02-14 07:24:00   --------   d-----w-   C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-02-14 00:18:20   --------   d-----w-   C:\Users\marina\AppData\Local\{D70CBE41-0C86-4C65-B9B0-90EBB3656462}
2012-02-14 00:17:51   --------   d-----w-   C:\Users\marina\AppData\Local\{2DF0ACF9-7C36-4BFC-AB1A-F50144FD263A}
2012-02-13 18:22:30   476904   ----a-w-   C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-02-13 12:17:20   --------   d-----w-   C:\Users\marina\AppData\Local\{78709EDC-D9DF-4FAA-B978-4F0C8EECA182}
2012-02-12 23:46:13   --------   d-----w-   C:\Users\marina\AppData\Local\{01E5DAFD-20A9-41A8-8CEB-39D71ADEB301}
2012-02-12 11:45:25   --------   d-----w-   C:\Users\marina\AppData\Local\{0DBEC31D-3AD8-4ACF-9125-35026BEEA5FF}
2012-02-11 23:44:44   --------   d-----w-   C:\Users\marina\AppData\Local\{03A3DD3A-381D-4766-B47F-963AC65A6073}
2012-02-11 11:44:06   --------   d-----w-   C:\Users\marina\AppData\Local\{05DAA6DF-7F93-4CFF-9738-2CA0C9D0F4F1}
2012-02-10 23:43:28   --------   d-----w-   C:\Users\marina\AppData\Local\{995C33D3-81ED-4CE6-BDD1-808493D106FE}
2012-02-10 11:42:50   --------   d-----w-   C:\Users\marina\AppData\Local\{4AE3DEC7-9062-4007-A279-B66B3E8730FF}
2012-02-10 11:42:27   --------   d-----w-   C:\Users\marina\AppData\Local\{3A212164-740A-4E05-917B-A7911CB7F5B3}
2012-02-09 23:41:58   --------   d-----w-   C:\Users\marina\AppData\Local\{D0F2561A-ABB6-49FE-AD44-CCFEE1776D1E}
2012-02-09 23:41:35   --------   d-----w-   C:\Users\marina\AppData\Local\{820FF5C9-CAD9-4878-916E-9A9693222499}
2012-02-09 11:41:03   --------   d-----w-   C:\Users\marina\AppData\Local\{46BB1FD4-FA32-4874-8611-9F03C8ADD4B1}
2012-02-09 11:40:48   --------   d-----w-   C:\Users\marina\AppData\Local\{522FD6FD-35B5-4EFA-8956-3EDBF4FC889B}
2012-02-08 23:20:59   --------   d-----w-   C:\Users\marina\AppData\Local\{A1515CB7-60EC-4EBE-B810-ACDC8335B1C4}
2012-02-08 11:20:20   --------   d-----w-   C:\Users\marina\AppData\Local\{F5B578C9-5CD3-4634-BD10-1748A17622E3}
2012-02-08 11:19:57   --------   d-----w-   C:\Users\marina\AppData\Local\{844A91F3-4EAC-4F93-AB07-90FD02E213DC}
2012-02-07 23:19:39   --------   d-----w-   C:\Users\marina\AppData\Local\{E311FC56-9106-431B-ABBF-541F55441850}
2012-02-07 23:19:38   --------   d-----w-   C:\Users\marina\AppData\Local\{ED473BA8-D36B-4CC6-AF40-E7E825D5E9E0}
2012-02-07 11:14:57   --------   d-----w-   C:\Users\marina\AppData\Local\{2F574A1E-401A-4DC7-8152-AFCB215E36BE}
2012-02-06 23:14:21   --------   d-----w-   C:\Users\marina\AppData\Local\{F11D66AB-3D23-4C4F-AAE6-2CDE923A2BB4}
2012-02-06 11:13:56   --------   d-----w-   C:\Users\marina\AppData\Local\{413950EE-612C-4232-9FE2-54DAD651D1BC}
2012-02-05 23:04:19   --------   d-----w-   C:\Users\marina\AppData\Local\{EC815D95-A1D6-4FB4-8621-5720BC3965F3}
2012-02-05 11:03:53   --------   d-----w-   C:\Users\marina\AppData\Local\{B4A3F3B2-0DEB-429E-A68B-21657163FA17}
2012-02-04 23:03:17   --------   d-----w-   C:\Users\marina\AppData\Local\{72C8D4C3-737F-48F8-BBC9-C124517ABFEC}
2012-02-04 11:02:40   --------   d-----w-   C:\Users\marina\AppData\Local\{21DED89F-1A40-4A58-A0E2-3C12C91921A8}
2012-02-03 23:02:02   --------   d-----w-   C:\Users\marina\AppData\Local\{D9BB0D6C-88D8-4667-A835-8B12002AB044}
2012-02-03 11:01:25   --------   d-----w-   C:\Users\marina\AppData\Local\{DAE1B859-76F7-49A2-B171-7F77C912D2DC}
2012-02-02 22:15:39   --------   d-----w-   C:\Users\marina\AppData\Local\{A08348E7-39C5-4B5A-83F3-FE03786D12A3}
2012-02-02 10:17:37   --------   d-----w-   C:\Program Files\iTunes
2012-02-02 10:14:57   --------   d-----w-   C:\Users\marina\AppData\Local\{38D86300-CED2-4D9E-B700-48EE7B230496}
2012-02-02 10:14:31   --------   d-----w-   C:\Users\marina\AppData\Local\{7ADF098C-749A-4355-BBB2-89940D6641E5}
2012-02-02 10:08:43   --------   d-----w-   C:\Program Files\Bonjour
2012-02-02 10:08:43   --------   d-----w-   C:\Program Files (x86)\Bonjour
2012-02-02 02:37:00   120368   ----a-w-   C:\Windows\SysWow64\ezuninst.exe
2012-02-02 02:37:00   117808   ----a-w-   C:\Windows\SysWow64\ezshellstart.exe
2012-02-01 22:14:01   --------   d-----w-   C:\Users\marina\AppData\Local\{960D9650-F51E-4D72-BEFC-87632EED221A}
2012-02-01 10:13:20   --------   d-----w-   C:\Users\marina\AppData\Local\{9DE140E0-297F-4FBD-A374-A23F604D51D3}
2012-02-01 10:12:56   --------   d-----w-   C:\Users\marina\AppData\Local\{7B3F2776-4D10-4B94-A3A7-A66F73565F63}
2012-01-31 22:13:17   --------   d-----w-   C:\Users\marina\AppData\Local\WiredRed
2012-01-31 22:12:37   --------   d-----w-   C:\Users\marina\AppData\Local\{1C8565F4-D7F5-45C3-A854-ADBD047AF93D}
2012-01-31 22:12:36   --------   d-----w-   C:\Users\marina\AppData\Local\{45514A8E-1666-445B-AB59-B94A6B1EEB21}
2012-01-31 12:52:20   738936   ----a-w-   C:\Windows\System32\drivers\NISx64\1305000.091\srtsp64.sys
2012-01-31 12:52:20   451192   ----a-r-   C:\Windows\System32\drivers\NISx64\1305000.091\symds64.sys
2012-01-31 12:52:20   405624   ----a-w-   C:\Windows\System32\drivers\NISx64\1305000.091\symnets.sys
2012-01-31 12:52:20   37496   ----a-w-   C:\Windows\System32\drivers\NISx64\1305000.091\srtspx64.sys
2012-01-31 12:52:20   190072   ----a-w-   C:\Windows\System32\drivers\NISx64\1305000.091\ironx64.sys
2012-01-31 12:52:20   1092728   ----a-w-   C:\Windows\System32\drivers\NISx64\1305000.091\symefa64.sys
2012-01-31 12:52:19   167048   ----a-w-   C:\Windows\System32\drivers\NISx64\1305000.091\ccsetx64.sys
2012-01-31 12:52:04   --------   d-----w-   C:\Windows\System32\drivers\NISx64\1305000.091
2012-01-31 10:12:09   --------   d-----w-   C:\Users\marina\AppData\Local\{CE0C35F1-DC5D-4FA3-A1F5-2F652B6631D9}
2012-01-30 22:11:30   --------   d-----w-   C:\Users\marina\AppData\Local\{DB1F1FBB-08BB-483D-BA17-96358785683C}
2012-01-30 10:10:54   --------   d-----w-   C:\Users\marina\AppData\Local\{55263DC9-BDC6-40F4-9C9B-6B4998AF84A2}
2012-01-29 22:10:17   --------   d-----w-   C:\Users\marina\AppData\Local\{2EF1D81D-ADE2-469F-84EC-EE9BD5A71825}
2012-01-29 10:09:41   --------   d-----w-   C:\Users\marina\AppData\Local\{A1EB882C-65CE-403B-BB40-45048E796CB6}
2012-01-28 21:26:45   --------   d-----w-   C:\Users\marina\AppData\Local\{E4CC6B2D-86DD-4570-9292-89EAB488CFFD}
2012-01-28 09:26:09   --------   d-----w-   C:\Users\marina\AppData\Local\{66588035-62A9-4C49-970B-F5D68FD54D62}
.
==================== Find3M ====================
.
2012-02-25 21:15:15   472808   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
2012-02-07 11:43:54   60   ----a-w-   C:\Windows\wpd99.drv
2012-01-31 12:52:30   175736   ----a-w-   C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-01-22 21:13:10   414368   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-14 07:11:03   2308096   ----a-w-   C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30   1390080   ----a-w-   C:\Windows\System32\wininet.dll
2011-12-14 07:03:38   1493504   ----a-w-   C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54   1798656   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18   1127424   ----a-w-   C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58   1427456   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2011-12-10 15:24:08   23152   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2011-12-01 08:18:06   499712   ----a-w-   C:\Windows\SysWow64\msvcp71.dll
2011-12-01 08:18:06   348160   ----a-w-   C:\Windows\SysWow64\msvcr71.dll
.
============= FINISH: 3:50:48.48 ===============
And the attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 01/04/2010 11:52:49
System Uptime: 27/02/2012 00:17:23 (3 hours ago)
.
Motherboard: Hewlett-Packard | | 3069
Processor: Pentium(R) Dual-Core CPU T4300 2.10GHz | CPU | 2100/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 161.411 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 2.048 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP229: 13/02/2012 18:20:55 - Installed Java(TM) 6 Update 30
RP230: 14/02/2012 07:24:16 - Installed HP Support Assistant
RP231: 14/02/2012 07:28:34 - Windows Modules Installer
RP232: 14/02/2012 07:29:44 - Windows Modules Installer
RP233: 14/02/2012 18:08:47 - HPSF Applying updates
RP234: 16/02/2012 08:35:27 - Windows Update
RP235: 16/02/2012 16:30:43 - Windows Update
RP236: 18/02/2012 16:48:22 - Windows Update
RP237: 25/02/2012 21:02:52 - Installed Java(TM) 6 Update 31
.
==== Installed Programs ======================
.
7-Zip 9.20
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Adobe Shockwave Player
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
Babylon toolbar on IE
BBC iPlayer Desktop
Bing Bar
Bing Bar Platform
Camera Access Library
Camera Support Core Library
Camera Window DS
Camera Window DVC
Camera Window MC
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window DSLR 5 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
CANON iMAGE GATEWAY Task
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX (E)
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
CyberLink MediaShow
CyberLink PowerDVD 8
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
Dudeism.com Relaxer
Easy Burner
EndNote
ERUNT 1.1j
ESET Online Scanner v3
Facemoods Toolbar
FreeMind
FYZip 1.00
GamePlayLabs Plugin
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.2.0
High-Definition Video Playback
HP Advisor
HP Customer Experience Enhancements
HP Games
HP Quick Launch Buttons
HP Setup
HP Support Assistant
HP Update
HP User Guides 0148
HP Wireless Assistant
Huawei modem
IDT Audio
Internet Library
ISI ResearchSoft - Export Helper
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
KeePass Password Safe 1.19b
LabelPrint
LightScribe System Software
ListenArabic Toolbar
Magic Desktop
Malwarebytes Anti-Malware version 1.60.1.1000
McAfee Security Scan Plus
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010 - English
Microsoft Office Home and Student 2010
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Moozy
Move Media Player
MovieEdit Task
Mozilla Firefox 10.0.2 (x86 en-US)
MSVCRT
MSVCRT_amd64
muvee Reveal
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Norton Internet Security
Norton Online Backup
Pdf995
PhotoStitch
Power2Go
PowerDirector
PriceGong 2.5.2
QLBCASL
QuickTime
RAW Image Task 2.2
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Recovery Manager
Safari
SecureW2 Enterprise Client 3.4.6
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Signature995
Skype™ 5.5
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Veoh Giraffic Video Accelerator
Veoh Web Player
welcome
Windows iLivid Toolbar
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WOT for Internet Explorer
.
==== Event Viewer Messages From Past Week ========
.
27/02/2012 03:44:51, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
26/02/2012 23:18:35, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
26/02/2012 23:13:58, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
26/02/2012 23:13:58, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2012 06:05:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
26/02/2012 06:04:54, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
26/02/2012 00:31:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
26/02/2012 00:31:37, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2012 00:27:43, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2012 00:27:40, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.
26/02/2012 00:27:40, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
24/02/2012 09:46:38, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
24/02/2012 04:25:31, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
24/02/2012 04:25:31, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
One thing that might be of significance is that I did not disable Norton Internet security while I was running the DDSs. If you think this will affect the result please let me know and I will do it again with the Norton disabled Download OTL to your desktop.

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code: [Select]:OTL

BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.5.2\PriceGongIE.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
BHO-X64: PriceGong - No File
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
BHO-X64: Babylon toolbar helper - No File
BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
BHO-X64: facemoods Helper - No File
BHO-X64: Search Helper - No File
BHO-X64: URLRedirectionBHO - No File
BHO-X64: TBLA06779 - No File
TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
mRun-x64: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I

:folders
C:\Program Files (x86)\PriceGong
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar
C:\Program Files (x86)\facemoods.com\facemoods

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
************************************************************
Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

Close any open windows and double click ComboFix.exe to run it.

You will see the following image:

Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.Still problem with the script. While I was trying to talk on Skype the following appeared

A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.

Script: http://mail.yimg.com/zz/combo?nq/3909/yui/yui-min.js&nq/3909/oop/oop-min.js&nq/3909/dom/dom-min.js&nq/3909/event/event-min.js&nq/3909/event-custom/event-custom-min.js&nq/3909/base/base-base-min.js&nq/3909/plugin/plugin-min.js&nq/3909/pluginhost/pluginhost-min.js&nq/3909/node/node-min.js&nq/3909/attribute/attribute-min.js&nq/3909/json/json-min.js&nq/3909/intl/intl-min.js&nq/3909/datatype/lang/datatype-date.js&nq/3909/datatype/datatype-date-min.js&nq/3909/datatype/datatype-xml-min.js&nq/3909/cookie/cookie-min.js&nq/3909/async-queue/async-queue-min.js&nq/3909/collection/array-extras-min.js&nq/3909/querystring/querystring-parse-simple-min.js&nq/3909/querystring/querystring-stringify-simple-min.js&nq/3909/loader/loader-min.js:13OTL did not ask me to reboot. This is the log. Is there something wrong? I will try to do it once again

========== OTL ==========
Error: Unable to interpret <:folders> in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.33.2 log created on 02272012_224127
I tried again. Same message. Hope is fineThat's ok. Please uninstall these programs
Babylon toolbar on IE
Facemoods Toolbar
PriceGong 2.5.2
They are malicious.
Then, please proceed with ComboFix.
Thanks. I deleted the programs you told me and run ComboFix (it took several attempts, quite some time and a reboot)

When I tried to open any of the different browsers so that I could send you the log the following message appeared

"c:\Program Files (x86) Mozilla Firefox/firefox.exe
Illegal Operation attempted on a registry item that has been marked to delete"

The same with IE and Google Chrone

Fortunately it worked OK after another reboot but I just thought I will tell you anyway

Also: while I have been trying to write this the following message appeared

"A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.

Script: http://d3lvr7yuk4uaui.cloudfront.net/items/it/js/itn.js:46"

I get those messages daily sometimes several times. I am tired of them. Any suggestions as to what to do?And the Combo Fix log

ComboFix 12-02-27.02 - marina 28/02/2012 20:50:35.10.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3999.1950 [GMT 0:00]
Running from: c:\users\marina\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\boost_interprocess\20120228140443.359599
c:\programdata\boost_interprocess\20120228140443.359599\Nobu64AgentService
c:\programdata\boost_interprocess\20120228140443.359599\Nobu64TrayIcon
.
.
((((((((((((((((((((((((( Files Created from 2012-01-28 to 2012-02-28 )))))))))))))))))))))))))))))))
.
.
2012-02-28 21:18 . 2012-02-28 21:18   --------   d-----w-   c:\users\Public\AppData\Local\temp
2012-02-28 21:18 . 2012-02-28 21:18   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-02-27 22:41 . 2012-02-27 22:41   --------   d-----w-   C:\_OTL
2012-02-26 06:42 . 2012-02-26 06:42   --------   d-----w-   c:\users\marina\AppData\Roaming\SUPERAntiSpyware.com
2012-02-26 06:41 . 2012-02-26 06:44   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-02-26 06:41 . 2012-02-26 06:41   --------   d-----w-   c:\programdata\SUPERAntiSpyware.com
2012-02-25 21:17 . 2012-02-25 21:17   --------   d-----w-   c:\program files (x86)\Common Files\Java
2012-02-15 08:30 . 2012-01-04 10:44   509952   ----a-w-   c:\windows\system32\ntshrui.dll
2012-02-15 08:30 . 2012-01-04 08:58   442880   ----a-w-   c:\windows\SysWow64\ntshrui.dll
2012-02-15 08:30 . 2011-12-30 06:26   515584   ----a-w-   c:\windows\system32\timedate.cpl
2012-02-15 08:30 . 2011-12-30 05:27   478720   ----a-w-   c:\windows\SysWow64\timedate.cpl
2012-02-15 08:30 . 2012-01-14 04:06   3145728   ----a-w-   c:\windows\system32\win32k.sys
2012-02-15 08:30 . 2011-12-28 03:59   498688   ----a-w-   c:\windows\system32\drivers\afd.sys
2012-02-15 08:30 . 2011-12-16 08:46   634880   ----a-w-   c:\windows\system32\msvcrt.dll
2012-02-15 08:30 . 2011-12-16 07:52   690688   ----a-w-   c:\windows\SysWow64\msvcrt.dll
2012-02-14 07:24 . 2012-02-14 07:24   --------   d-----w-   c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-02-13 18:22 . 2012-02-25 21:15   476904   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-02-02 10:12 . 2012-02-02 10:12   159744   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
2012-02-02 10:08 . 2012-02-02 10:08   --------   d-----w-   c:\program files\Bonjour
2012-02-02 10:08 . 2012-02-02 10:08   --------   d-----w-   c:\program files (x86)\Bonjour
2012-02-02 02:37 . 2012-02-02 02:37   120368   ----a-w-   c:\windows\SysWow64\ezuninst.exe
2012-02-02 02:37 . 2012-02-02 02:37   117808   ----a-w-   c:\windows\SysWow64\ezshellstart.exe
2012-01-31 22:13 . 2012-02-22 20:20   --------   d-----w-   c:\users\marina\AppData\Local\WiredRed
2012-01-31 12:52 . 2012-02-01 00:44   --------   d-----w-   c:\windows\system32\drivers\NISx64\1305000.091
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 21:15 . 2010-05-02 11:55   472808   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2012-01-31 12:52 . 2011-05-12 15:12   175736   ----a-w-   c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-01-22 21:13 . 2011-06-12 05:22   414368   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-10 15:24 . 2011-05-04 13:55   23152   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-12-01 08:18 . 2011-12-01 08:18   499712   ----a-w-   c:\windows\SysWow64\msvcp71.dll
2011-12-01 08:18 . 2011-12-01 08:18   348160   ----a-w-   c:\windows\SysWow64\msvcr71.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{F569CF08-EDF6-4FAB-8C8A-EEC184358372}"= "c:\program files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll" [2009-06-02 2695168]
.
[HKEY_CLASSES_ROOT\clsid\{f569cf08-edf6-4fab-8c8a-eec184358372}]
[HKEY_CLASSES_ROOT\TBLA06779.TBLA06779.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBLA06779.TBLA06779]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144]
"VeohPlugin"="c:\program files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2011-08-25 2816328]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"Akamai NetSession Interface"="c:\users\marina\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"SecureW2 Tray"="c:\program files (x86)\SecureW2\sw2_tray.exe" [2010-07-28 200584]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000]
"TkBellExe"="c:\program files (x86)\real\realplayer\update\realsched.exe" [2011-12-01 296056]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-31 460872]
.
c:\users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BBC iPlayer Desktop.lnk - [N/A]
Dropbox.lnk - c:\users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
fliptoast.lnk - c:\program files (x86)\Fliptoast\fliptoast.exe [N/A]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE [2012-1-4 3208032]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ     kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 136176]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys

S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys

S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1305000.091\SYMDS64.SYS

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1305000.091\SYMEFA64.SYS

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-02-07 1157240]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1305000.091\ccSetx64.sys

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120225.004\IDSvia64.sys [2011-12-15 488568]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1305000.091\Ironx64.SYS

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1305000.091\SYMNETS.SYS

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2010-06-30 89600]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2012-01-22 2230416]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-31 652360]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe [2011-11-30 138248]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-07 138360]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys

.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai   REG_MULTI_SZ     Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 11:29   451872   ----a-w-   c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 15:52]
.
2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 15:52]
.
2012-02-26 c:\windows\Tasks\HPCeeScheduleFormarina.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\marina\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-10 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-10 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-10 365592]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-30 487424]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.alwaraq.net/Core/index.jsp?option=1
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;*.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {{F569CF08-EDF6-4FAB-8C8A-EEC184358372} - {F569CF08-EDF6-4FAB-8C8A-EEC184358372} - c:\program files (x86)\ListenArabic\ListenArabic Toolbar\tbcore3.dll
TCP: DhcpNameServer = 193.63.73.32
FF - ProfilePath - c:\users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\2y9b2iki.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.soas.ac.uk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=2&q=
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.type - 4
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Toolbar-10 - (no file)
WebBrowser-{F569CF08-EDF6-4FAB-8C8A-EEC184358372} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-Searchqu 406 MediaBar - c:\program files (x86)\Windows iLivid Toolbar\uninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
Denied: (A 2) (Everyone)
="FlashBroker"
"LocalizedString"="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
Denied: (A 2) (Everyone)
="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
Denied: (A 2) (Everyone)
="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
Denied: (A 2) (Everyone)
="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Giraffic\Veoh_Giraffic.exe
c:\program files (x86)\Canon\CAL\CALMAIN.exe
.
**************************************************************************
.
Completion time: 2012-02-28 21:33:45 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-28 21:33
.
Pre-Run: 174,577,553,408 bytes free
Post-Run: 177,564,450,816 bytes free
.
- - End Of File - - FE017AF54B38363089461AA075AD570E

Solve : resource:///components/nsSessionStore.js:402?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment