Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Computer / Hotmail got hacked. Can you have a look at the results?

  • 03-04-2014 5:51pm
    #1
    Dgriff
    Registered Users, Registered Users 2 Posts: 56 ✭✭


    Hi
    Everyone in my hotmail contacts got a bogus email from me. My 24 hour online banking people told me to get my laptop "professionally" cleaned. My banking account wasn't compromised but the bank have disabled it until I clean my computer.

    I have pasted the following into this post:
    MBAM log
    super anti spyware log
    Hijack This log
    DDS.txt contents

    and I have attached the zipped attach.txt

    1. Malware Bites Anti Malware Log:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 03/04/2014
    Scan Time: 13:53:42
    Logfile:
    Administrator: Yes

    Version: 2.00.0.1000
    Malware Database: v2014.04.03.03
    Rootkit Database: v2014.03.27.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Chameleon: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: maire

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 269021
    Time Elapsed: 15 min, 57 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Shuriken: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 3
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe, 1600, Delete-on-Reboot, [06e972b38dee8caa8cd247170bf730d0]
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe, 3080, Delete-on-Reboot, [43ac58cdb9c28caa441ba8b6659d39c7]
    PUP.Optional.MindSpark, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe, 3092, Delete-on-Reboot, [6c83c3620e6dd16598fb236cf211649c]

    Modules: 8
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],

    Registry Keys: 192
    PUP.Optional.AudioToAudioToolBar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MapsGalaxy_39Service, Quarantined, [28c7da4b0b70f2442e84e253619f817f],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{364ea597-e728-4ce4-bb4a-ed846ef47970}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{364EA597-E728-4CE4-BB4A-ED846EF47970}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{364EA597-E728-4CE4-BB4A-ED846EF47970}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4b7d0b0c-cff3-49c5-9bc3-ffabc031c822}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{a549a4f7-fa70-421c-b0f2-8f6c0b4b85a8}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{05F5414D-DCD6-4EE6-8C46-20A3F1209E0F}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4F55EE37-30D9-45D6-870F-3EEA6CB9BE9F}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{50ADA3A9-20B4-4EE0-8AFA-DE0BCAB94A25}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6818868A-1B3D-4E35-A561-FA964A96CD3B}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9193E23B-4182-493F-A38E-682307A7C463}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9D2A3081-70F2-4877-A06D-9BF697A35518}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{05F5414D-DCD6-4EE6-8C46-20A3F1209E0F}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4F55EE37-30D9-45D6-870F-3EEA6CB9BE9F}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{50ADA3A9-20B4-4EE0-8AFA-DE0BCAB94A25}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6818868A-1B3D-4E35-A561-FA964A96CD3B}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9193E23B-4182-493F-A38E-682307A7C463}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9D2A3081-70F2-4877-A06D-9BF697A35518}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{a549a4f7-fa70-421c-b0f2-8f6c0b4b85a8}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SettingsPlugin.1, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SettingsPlugin, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SettingsPlugin, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SettingsPlugin.1, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MapsGalaxy_39bar Uninstall Firefox, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MapsGalaxy_39bar Uninstall Internet Explorer, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{33119133-0854-469d-807A-171568457991}, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{13119113-0854-469d-807A-171568457991}, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncher.1, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncher, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncher, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncher.1, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{03119103-0854-469d-807A-171568457991}, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03119103-0854-469d-807A-171568457991}, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncherSettings.1, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncherSettings, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncherSettings, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncherSettings.1, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2}, Quarantined, [cd22b570ef8c2b0b3c2a9f6b49b9b050],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [cd22b570ef8c2b0b3c2a9f6b49b9b050],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [cd22b570ef8c2b0b3c2a9f6b49b9b050],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [cd22b570ef8c2b0b3c2a9f6b49b9b050],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4369f96e-4071-43e7-8fd2-4d8f96918ef3}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{69d0bac4-a1b1-45ce-944f-9eeb1479f059}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{269D72FF-8629-4DB6-AB4F-86AA3A92F8A9}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{797657A7-D3C7-4D7C-98E3-D0324DDFC4BA}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F8B71C28-069E-406D-8D61-4461B464E37F}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{269D72FF-8629-4DB6-AB4F-86AA3A92F8A9}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{797657A7-D3C7-4D7C-98E3-D0324DDFC4BA}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F8B71C28-069E-406D-8D61-4461B464E37F}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{69d0bac4-a1b1-45ce-944f-9eeb1479f059}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ToolbarProtector.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ToolbarProtector, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ToolbarProtector, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ToolbarProtector.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{0396d01a-1323-4a15-bd0c-1bc7510f46c6}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A8168AFE-9F36-49DE-A80A-00D19FB50207}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B82A91D3-2A13-4BF6-981B-7D9ED152CCED}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B9D4AA93-F4C6-480B-8C06-0811F2446943}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8168AFE-9F36-49DE-A80A-00D19FB50207}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B82A91D3-2A13-4BF6-981B-7D9ED152CCED}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B9D4AA93-F4C6-480B-8C06-0811F2446943}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{0396d01a-1323-4a15-bd0c-1bc7510f46c6}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{bf78452b-f168-4310-9ec0-4b9b66b845f0}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7A739956-FB82-4379-AF60-E38C48226AA7}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7A739956-FB82-4379-AF60-E38C48226AA7}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{bf78452b-f168-4310-9ec0-4b9b66b845f0}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.DynamicBarButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.DynamicBarButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.DynamicBarButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.DynamicBarButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{15106ae4-6bdf-443e-80b0-3e38b59d26ec}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9EF88362-131D-48B0-8969-CCC96F897AB8}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EF8C6146-8009-4A3F-8CA3-9E932B017099}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9EF88362-131D-48B0-8969-CCC96F897AB8}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EF8C6146-8009-4A3F-8CA3-9E932B017099}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{15106ae4-6bdf-443e-80b0-3e38b59d26ec}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.FeedManager.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.FeedManager, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.FeedManager, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.FeedManager.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLMenu.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLMenu, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLMenu, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLMenu.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{200F1306-1316-473B-90CE-A777144BBDF5}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E26AE37-A628-496E-B410-5D432F38BD1A}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{200F1306-1316-473B-90CE-A777144BBDF5}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E26AE37-A628-496E-B410-5D432F38BD1A}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.MultipleButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.MultipleButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.MultipleButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.MultipleButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{16C7BB64-AC8D-4863-92ED-799D20F001DA}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AE0F4663-EAE3-437F-BE60-9EC9B745DBFA}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BAD750C1-F04B-42E6-847F-4F4BA8A7EDE1}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{16C7BB64-AC8D-4863-92ED-799D20F001DA}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AE0F4663-EAE3-437F-BE60-9EC9B745DBFA}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BAD750C1-F04B-42E6-847F-4F4BA8A7EDE1}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.XMLSessionPlugin.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.XMLSessionPlugin, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.XMLSessionPlugin, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.XMLSessionPlugin.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{1796EC91-D094-4A5F-B681-E16015D1CEAC}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{87792411-b73a-435e-86f3-ae633a690e84}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{87792411-b73a-435e-86f3-ae633a690e84}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.RadioSettings.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.RadioSettings, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.RadioSettings, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.RadioSettings.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7d4dfaf7-f2ce-4c91-91a4-514c9612914d}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.Radio.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.Radio, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.Radio, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.Radio.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ScriptButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ScriptButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ScriptButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ScriptButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{64fbf8b6-c770-401a-8b84-f630edaf4448}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0D8734DB-7110-4CDB-833F-52BC93865AB2}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{41AE59EF-88EE-450B-B60A-F153679E6EE8}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4AEF0F25-D761-4EAA-AEB7-9E756C6BF11E}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{902E7D34-D421-4766-8191-15A1B52D0BA2}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0D8734DB-7110-4CDB-833F-52BC93865AB2}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{41AE59EF-88EE-450B-B60A-F153679E6EE8}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4AEF0F25-D761-4EAA-AEB7-9E756C6BF11E}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{902E7D34-D421-4766-8191-15A1B52D0BA2}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{64fbf8b6-c770-401a-8b84-f630edaf4448}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{173a5778-34bf-48a2-8a5e-6963ce922fed}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{173A5778-34BF-48A2-8A5E-6963CE922FED}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9b58a6ce-b337-43d5-9c2f-8c6d92fba094}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{f9b90065-cd7a-4439-b311-b292299182a9}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DE4CC811-10B7-41F0-AB0E-EC2CFC91A8AD}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DE4CC811-10B7-41F0-AB0E-EC2CFC91A8AD}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{f9b90065-cd7a-4439-b311-b292299182a9}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E045DF14-BF1D-405C-A37B-A75C1551AD17}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.UrlAlertButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.UrlAlertButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.UrlAlertButton, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.UrlAlertButton.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{8feeda9e-8f71-45df-a797-468226d1d35b}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CDDB17CD-7A6B-4887-8EE6-68A43F532197}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CDDB17CD-7A6B-4887-8EE6-68A43F532197}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8feeda9e-8f71-45df-a797-468226d1d35b}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLPanel.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLPanel, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLPanel, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLPanel.1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A35FF019-6DBE-4044-B080-6F3FA78A947F}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A35FF019-6DBE-4044-B080-6F3FA78A947F}, Quarantined, [c12e36ef770470c61379d08a6c961ce4],

    Registry Values: 7
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{364EA597-E728-4CE4-BB4A-ED846EF47970}, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{26842a09-ffa8-4e2c-ae12-0c80f01c3295}, Quarantined, [36b92ff63645c175b1b1b951a1611be5],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{26842A09-FFA8-4E2C-AE12-0C80F01C3295}, Quarantined, [36b92ff63645c175b1b1b951a1611be5],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{364ea597-e728-4ce4-bb4a-ed846ef47970}, Quarantined, [d81738ed671492a4e2819d6d5ca67e82],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MapsGalaxy Home Page Guard 64 bit, "C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe", Quarantined, [06e972b38dee8caa8cd247170bf730d0]
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MapsGalaxy Search Scope Monitor, "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h, Quarantined, [43ac58cdb9c28caa441ba8b6659d39c7]
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MapsGalaxy_39 Browser Plugin Loader, C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe, Quarantined, [6c83c3620e6dd16598fb236cf211649c]

    Registry Data: 1
    PUP.Optional.AskWebSearch, HKU\S-1-5-21-3702757108-713438533-105078165-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^UX^xdm004^YYA^ie&ptb=AB5D138A-CC30-4F07-949D-B2014E3DF0AB&si=CIbC3L643LgCFUeV4Qod-lwAdA, Good: (http://www.google.com), Bad: (http://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^UX^xdm004^YYA^ie&ptb=AB5D138A-CC30-4F07-949D-B2014E3DF0AB&si=CIbC3L643LgCFUeV4Qod-lwAdA),Replaced,[539c58cd92e9dd59faf5d140669e8a76]

    Folders: 9
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\chrome, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\ThirdPartyInstallers, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\gen1, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\IE9Mesg, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Message, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Settings, Quarantined, [c12e36ef770470c61379d08a6c961ce4],

    Files: 57
    PUP.Optional.AudioToAudioToolBar.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe, Delete-on-Reboot, [28c7da4b0b70f2442e84e253619f817f],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll, Quarantined, [cb24d550a3d8ff3776ebeb1feb1750b0],
    PUP.Optional.FunWebProducts.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39sknlcr.dll, Quarantined, [7c73b66f2556dc5a4c9c0d342ed41be5],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll, Quarantined, [cd22b570ef8c2b0b3c2a9f6b49b9b050],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe, Delete-on-Reboot, [06e972b38dee8caa8cd247170bf730d0],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe, Delete-on-Reboot, [43ac58cdb9c28caa441ba8b6659d39c7],
    PUP.Optional.MindSpark, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe, Delete-on-Reboot, [6c83c3620e6dd16598fb236cf211649c],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bprtct.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegratorStub64.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\BOOTSTRAP.JS, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\CHROME.MANIFEST, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\CREXT.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\CrExtP39.exe, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\DPNMNGR.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\EXEMANAGER.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\Hpg64.dll, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\INSTALL.RDF, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\installKeys.js, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\LOGO.BMP, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8EXTEX.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8EXTPEX.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8HTML.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8RES.DLL, Delete-on-Reboot, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8TICKER.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\VERIFY.DLL, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\chrome\39ffxtbr.jar, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\gen1\COMMON.T8S, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\IE9Mesg\COMMON.T8S, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Message\COMMON.T8S, Quarantined, [c12e36ef770470c61379d08a6c961ce4],
    PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Settings\s_pid.dat, Quarantined, [c12e36ef770470c61379d08a6c961ce4],

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    2. Super Anti Spyware Log:
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 04/03/2014 at 06:07 PM

    Application Version : 5.7.1018

    Core Rules Database Version : 11141
    Trace Rules Database Version: 8953

    Scan type : Complete Scan
    Total Scan Time : 01:37:21

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 578
    Memory threats detected : 0
    Registry items scanned : 69886
    Registry threats detected : 0
    File items scanned : 97771
    File threats detected : 178

    Adware.Tracking Cookie
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\QBK51KM4.txt [ /insightexpressai.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\H2D7EL0C.txt [ /serving-sys.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\OLVFC8C7.txt [ /advertising.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\SQAV0XLZ.txt [ /atdmt.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\9GVD3MOO.txt [ /www.revenue.ie ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\3ADVOWFP.txt [ /adtech.de ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\QCRRPZO8.txt [ /weborama.fr ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\EH36T0HU.txt [ /media6degrees.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\U2ZXQHIT.txt [ /ads.p161.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\A5TP5OYN.txt [ /doubleclick.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\R6U6A2Y2.txt [ /ru4.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\F5I85XOZ.txt [ /lucidmedia.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\CPLDBWP0.txt [ /makinmediamobile.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\3RS5A8S2.txt [ /track.adform.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\PF19PJXW.txt [ /bs.serving-sys.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\CUQZNT7V.txt [ /c.atdmt.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\OZD3X744.txt [ /ads.yahoo.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\DVF9XH5W.txt [ /ads.creative-serving.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\COYHBB3F.txt [ /casalemedia.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\09QGH100.txt [ /insightexpressai.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\26G1IXS3.txt [ /c1.adform.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\IQSQA7CL.txt [ /revsci.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\2NQPJIA3.txt [ /ihg.db.advertising.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\RYVN7CXU.txt [ /stat.dealtime.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q48J353X.txt [ /serving-sys.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\NB5Z9XFE.txt [ /fastclick.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\5YHG0LLR.txt [ /2o7.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\AQSNF80L.txt [ /xiti.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\IBNU2ZHT.txt [ /interclick.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z7QUGI67.txt [ /in.getclicky.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\0NIR15R6.txt [ /advertising.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\56N2ZJYR.txt [ /ads.pubmatic.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\SMD4TBG6.txt [ /c1.atdmt.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\OTBA76H7.txt [ /smartadserver.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y679YEZJ.txt [ /ad.yieldmanager.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\40WYURVM.txt [ /legolas-media.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\TD9RBWD8.txt [ /atdmt.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\BI9W4KI3.txt [ /mediaforge.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\6AKULZIY.txt [ /amazon-adsystem.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\8A2I0T4G.txt [ /accounts.google.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\UP99SDSR.txt [ /stats.paypal.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\J7LFPCW7.txt [ /ad.360yield.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\K0OT5MTR.txt [ /elitesingles.ie ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\YGVSWC7J.txt [ /statcounter.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\XW80O1D2.txt [ /ads.betweendigital.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\2PZV8AJA.txt [ /www.adverts.ie ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\NIH7Y49A.txt [ /account.live.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\QBFHU2TZ.txt [ /ihg2.db.advertising.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\62O67LB8.txt [ /ads.ad4game.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\N3ANAWKD.txt [ /aerlingus.122.2o7.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\UWRIOA32.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\MCHV5IA5.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\SCY7MU1L.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\7LM9UBSV.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\31I4MDAG.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\20QH7XVB.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\OBQZP7FQ.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\0FYZ2JPJ.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\PVIRV7FM.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\DGMVNEMX.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\0R86J3XN.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\D0O0X9SI.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\RLMB55Y6.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\ARDD0ML8.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\E1I9TT6B.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y9KHXKE7.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\DIMDYF4G.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\281NPC9G.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\XK412AJD.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\4TXKOXWG.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\IX7K0MW8.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\6HVZRAMG.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\RIFPI8A1.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\FBYAOZ74.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\4O9EQY0H.txt [ /www.googleadservices.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\4CQ1WQVL.txt [ /rsa.122.2o7.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\T08LW70R.txt [ /clickfuse.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\YGS4KL05.txt [ /theadnetwork.com.au ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\G1BZWUKL.txt [ /www.dealtime.co.uk ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\RAO3U1VG.txt [ /www.skyscanner.ie ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\P1LN98LI.txt [ /realmedia.co.kr ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\DLCIMN0Q.txt [ /tribalfusion.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\MJ0IWTSV.txt [ /mediaplex.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\S91CB6QQ.txt [ /server.adformdsp.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\K9F1I9XS.txt [ /adtech.de ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\HAWZXYBW.txt [ /tradedoubler.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\TE3L6NFK.txt [ /liveperson.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\MA5GYKX8.txt [ /at.atwola.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\W3IHI5LF.txt [ /media6degrees.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\HGQF8ICD.txt [ /adformdsp.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\09J87WM3.txt [ /estat.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\YCAA13OT.txt [ /burstnet.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\1Z1L26CE.txt [ /apmebf.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\6HV0C1EM.txt [ /ads.undertone.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\QI0MTZ62.txt [ /h.atdmt.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\GH1OHKJK.txt [ /dealtime.co.uk ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\3OG5AMTS.txt [ /ads.p161.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\VIOKAN8Y.txt [ /traveladvertising.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\XDWBLFWL.txt [ /doubleclick.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\8ZWRD0SM.txt [ /ru4.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\LPCOPHTV.txt [ /imrworldwide.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\YSPFAQAG.txt [ /ar.atwola.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\BIP12WF7.txt [ /lucidmedia.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\K4HRH0OL.txt [ /ads.odeon.co.uk ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\I5D20BBB.txt [ /solvemedia.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q6OW8VPK.txt [ /adfarm1.adition.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\HNL3YZET.txt [ /aib.112.2o7.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZB0ZS4YV.txt [ /lego.112.2o7.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\VTK3TME9.txt [ /collective-media.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\D6ZETGXB.txt [ /liveperson.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\OH2KAGIK.txt [ /atrack.art.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\PHXD58OM.txt [ /liveperson.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\ICYPY75R.txt [ /track.adform.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\OV40LP6I.txt [ /atwola.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\JDXRYF7K.txt [ /ad3.adfarm1.adition.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\OS9LZH8O.txt [ /c.atdmt.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\9LXVD429.txt [ /skyscanner.ie ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\V1RON30Q.txt [ /atrack.allposters.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\UQ9XXZK9.txt [ /uk.at.atwola.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\OKVKHRIS.txt [ /adverts.ie ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\1PSK300Z.txt [ /ads.yahoo.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\NNIWTO72.txt [ /dating.elitesingles.ie ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\EFJGP5PC.txt [ /tacoda.at.atwola.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\10SMPT9C.txt [ /casalemedia.com ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\NPC6IQOV.txt [ /adform.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\BR3EKWQA.txt [ /media.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\MQWE1TBL.txt [ /liveperson.net ]
    C:\Users\maire\AppData\Roaming\Microsoft\Windows\Cookies\Low\039MN9TJ.txt [ /adtechus.com ]
    .doubleclick.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .makinmediamobile.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .oracle.112.2o7.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaforge.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .dublinsightseeing.ie [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .dublinsightseeing.ie [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .traveladvertising.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaforge.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaforge.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .2o7.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .apmebf.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .aib.112.2o7.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .stats.paypal.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c1.atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c1.atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .aerlingus.122.2o7.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .smartadserver.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .smartadserver.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .smartadserver.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtech.de [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .makinmediamobile.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .makinmediamobile.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .makinmediamobile.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    makinmediamobile.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\MAIRE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]


    3. HiJackThis Log:

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 18:24:51, on 03/04/2014
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.16521)


    Boot mode: Normal

    Running processes:
    C:\Windows\Philips\SPC610NC\Monitor.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\maire\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPALL/27
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP


Comments

  • #2
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    logs are clean

    chances are you got phished, nothing you can do but change your passwords


  • #3
    col.in.Cr
    Closed Accounts Posts: 511 ✭✭✭col.in.Cr


    Was it AIB by any chance? What virus did they say it was?


Advertisement