Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox is rederecting to ask.com , search-result.com etc.


  • Please log in to reply
7 replies to this topic

#1 emboars

emboars

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 25 February 2011 - 09:30 AM

Im using windows vista and moilla firefox 3.6.13.recently when i search something it automatically redect to ask.com and something like qbyrd.com , search-result.com etc. i tried the things like "about:config" but no luck any help you can give .it is annoying.
please help.

thank you.

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:29 PM

Posted 25 February 2011 - 09:44 AM

Hello,

And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.

Malwarebytes Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Instructions:

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.



#3 emboars

emboars
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 25 February 2011 - 10:50 AM

do i need to do all 3 above or just 1? im doing the first one and still scanning and 27 infected till now

Edited by emboars, 25 February 2011 - 10:52 AM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:29 PM

Posted 25 February 2011 - 02:39 PM

Do all of them, and post the logs.

#5 emboars

emboars
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 26 February 2011 - 01:16 AM

this is the results of MBAM.yesterday i scanned part of the system and found 27 infected and removed.today did a full scan and found 5 and removed here are the 2 logs.doing the second program.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5875

Windows 6.0.6000
Internet Explorer 8.0.6001.18702

2/25/2011 10:42:01 PM
mbam-log-2011-02-25 (22-42-01).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 235151
Time elapsed: 2 hour(s), 18 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 27
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{39fc2065-c9c7-49cd-8942-44cc2dedc844} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{b360243e-09e8-402f-8721-00b6798089ad} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WinInetApp.WinInet.1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WinInetApp.WinInet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{39FC2065-C9C7-49CD-8942-44CC2DEDC844} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{39FC2065-C9C7-49CD-8942-44CC2DEDC844} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\User\documents\my downloads\auslogics.registry.defrag.v5.5.20.515.incl.keygen-noy\auslogics.registry.defrag.v5.5.20.515.incl.keygen-noy\auslogics.registry.defrag.v5.5.20.515.incl.keygen-noy\ny003101\Setup\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\User\documents\downloads\compressed\fk.all.reporter.crk.asc-ii_2\SKIDROW\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

------------------------------------
2nd log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5875

Windows 6.0.6000
Internet Explorer 8.0.6001.18702

2/26/2011 11:37:26 AM
mbam-log-2011-02-26 (11-37-26).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 490927
Time elapsed: 2 hour(s), 47 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 2
Registry Data Items Infected: 3
Folders Infected: 17
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Value: scui.cpl -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Value: wscui.cpl -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\3.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\4.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\5.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\6.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\7.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.
d:\documents and settings\User\local settings\Temp\htmlcontrol.dll (Trojan.Agent) -> Quarantined and deleted successfully.
d:\program files\puppy stylin'\uninstall.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\photoshop cs2\CRACK\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
e:\to be copied\Desktop\desk\pen\vista_activation.exe (Worm.VB) -> Quarantined and deleted successfully.
f:\new folder\vista_activation.exe (Worm.VB) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.

#6 emboars

emboars
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 26 February 2011 - 05:11 AM

sas log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/26/2011 at 02:33 PM

Application Version : 4.49.1000

Core Rules Database Version : 6488
Trace Rules Database Version: 4300

Scan type : Complete Scan
Total Scan Time : 02:16:48

Memory items scanned : 301
Memory threats detected : 0
Registry items scanned : 12261
Registry threats detected : 16
File items scanned : 285631
File threats detected : 572

Adware.Tracking Cookie
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@legolas-media[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@mediafire[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@invitemedia[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@www.w-advertise[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@www.3dstats[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@adxpose[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@ads.bettertheworld[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@collective-media[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@tacoda[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@dmtracker[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@user.lucidmedia[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@s04.flagcounter[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@countrywatch[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@chitika[2].txt
.adbrite.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adsrevenue.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adsrevenue.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adsrevenue.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adsrevenue.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adsrevenue.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adsrevenue.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.gostats.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.gostats.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
counter.w3open.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.divx.112.2o7.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.havamedia.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.havamedia.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.www.burstnet.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.havamedia.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.havamedia.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
www.burstnet.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ehg-linksys.hitbox.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.hitbox.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.hitbox.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.simplymedia.tv [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.warez-bb.org [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
www.warez-bb.org [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
statse.webtrendslive.com [ C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
acvs.mediaonenetwork.net [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
bc.youporn.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
cdn.insights.gravity.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
cdn4.specificclick.net [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
cdn5.specificclick.net [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
content.oddcast.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
ds.serving-sys.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
googleads.g.doubleclick.net [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
ia.media-imdb.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
input.insights.gravity.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
m1.2mdn.net [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
macromedia.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media.easy2.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media.filb.de [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media.ign.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media.mtvnservices.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media.nintendo.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media.scanscout.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media1.break.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media1.clubpenguin.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
media1.gameinformer.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
naiadsystems.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
objects.tremormedia.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
oddcast.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
piximedia.fr [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
rarefilmfinder.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
s0.2mdn.net [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
s1.media.howtospendit.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
secure-us.imrworldwide.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
vidii.hardsextube.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
widget.adnet.vn [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
www.mofosex.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
www.pornhub.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
www.porntube.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
www.youngporn.net [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
wwwstatic.megaporn.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PS4LESX5 ]
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@ads.cnn[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@ads.gamesbannernet[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@amlocalhost.trymedia[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@atdmt[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@clicksor[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@counter.w3open[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@forum.usenext[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@iacas.adbureau[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@mywebsearch[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@mywebsearch[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@stats.gamestop[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@warez-bb[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@www.warez-bb[2].txt
.doubleclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
static.freewebs.getclicky.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.lfstmedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.specificclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.specificclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.e-2dj6wjkoqgdzcgq.stats.esomniture.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.chitika.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.friendfinder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.friendfinder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.friendfinder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.friendfinder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.friendfinder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.friendfinder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.friendfinder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.clicksor.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.clicksor.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.clicksor.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.myroitracking.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.clicksor.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.clicksor.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficrevenue.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.zedo.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.zedo.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.burstnet.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.burstnet.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.yadro.ru [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.mediafire.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.mediafire.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.mediafire.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.havamedia.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.harrenmedianetwork.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.fastclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.fastclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.fastclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adfarm1.adition.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad3.adfarm1.adition.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.collective-media.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.collective-media.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adtech.de [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.apmebf.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.fastclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.atdmt.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.atdmt.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.advertising.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.advertising.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.advertising.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.advertising.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.weborama.fr [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.weborama.fr [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.weborama.fr [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.metacafe.122.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.statcounter.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
optimize.indieclick.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.findmysoft.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.findmysoft.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.zedo.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.eyewonder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.eyewonder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.eyewonder.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
uk.sitestat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
uk.sitestat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.clickbank.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.dmtracker.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.e-2dj6wjnycicpsdo.stats.esomniture.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
counter.liverotator.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.paypal.112.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.at.atwola.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.at.atwola.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.advertising.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.advertising.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.fastclick.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
gotacha.rotator.hadj7.adjuggler.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.e-2dj6wjnysoajsfp.stats.esomniture.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.kontera.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.microsoftsto.112.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.e-2dj6wnmygpdpocq.stats.esomniture.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.e-2dj6wflowjajoao.stats.esomniture.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.bwired.122.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.advertising.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.yieldmanager.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ads2.mixrmedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.interclick.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.interclick.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ie-stat.bmmetrix.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ie-stat.bmmetrix.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.shinystat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.shinystat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.e-2dj6wjlowkdziep.stats.esomniture.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.ru4.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.statcounter.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.web-stat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.web-stat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.web-stat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.atdmt.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.atdmt.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.mediabrandsww.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adecn.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
us.sitestat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
us.sitestat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.pro-market.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.pro-market.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.legolas-media.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.legolas-media.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.legolas-media.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.linksynergy.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.linksynergy.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.linksynergy.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.walmart.112.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.hearstugo.112.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
uk.sitestat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.bizrate.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.bizrate.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.bizrate.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.bizrate.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.bizrate.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.linksynergy.walmart.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.linksynergy.walmart.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.linksynergy.walmart.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
www6.addfreestats.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
in.getclicky.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
wstat.wibiya.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
adserver.twitpic.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.liveperson.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
www.3dstats.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.liveperson.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.game-advertising-online.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
login.tracking101.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.e-2dj6wnlysmajcbo.stats.esomniture.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
s07.flagcounter.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.warnerbros.112.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
media.ds.ign.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
media.ds.ign.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
media.ds.ign.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.www.burstnet.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.lgelectronics.122.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
stat.dealtime.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.collective-media.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
click.mediadome.ru [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.zedo.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
stats.rustedlogic.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad2.adfarm1.adition.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.timeinc.122.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.technoratimedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.technoratimedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.technoratimedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.technoratimedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.toplist.sk [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
cperspective.rotator.hadj7.adjuggler.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
dawn16939.eliteweightloss.package.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.dawn16939.eliteweightloss.package.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.dawn16939.eliteweightloss.package.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.technoratimedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.technoratimedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.xiti.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
uk.sitestat.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.legolas-media.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.eaeacom.112.2o7.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
statse.webtrendslive.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.qnsr.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
www.qsstats.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
www.warez-bb.org [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.warez-bb.org [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.warez-bb.org [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.interclick.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adxpose.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.adbrite.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.collective-media.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.collective-media.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
counters.gigya.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
www.burstnet.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
.revsci.net [ C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9x8398hp.default\cookies.sqlite ]
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\user@atdmt[2].txt
www.warez-bb.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.warez-bb.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.warez-bb.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.warez-bb.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.fastclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.fastclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.fastclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.fastclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.doubleclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.atdmt.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.atdmt.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.downloadwarez.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.downloadwarez.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.downloadwarez.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
downloadwarez.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
downloadwarez.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
www.downloadwarez.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
www.downloadwarez.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.warez-bb.org [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.myroitracking.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.clicksor.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.clicksor.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.doubleclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.statcounter.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
.doubleclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\8azli1d7.default\cookies.sqlite ]
googleads.g.doubleclick.net [ D:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\GCT2EZRW ]
interclick.com [ D:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\GCT2EZRW ]
media.scanscout.com [ D:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\GCT2EZRW ]
D:\Documents and Settings\User\Cookies\user@247realmedia[1].txt
D:\Documents and Settings\User\Cookies\user@2o7[2].txt
D:\Documents and Settings\User\Cookies\user@a1.interclick[1].txt
D:\Documents and Settings\User\Cookies\user@ad.ad-srv[2].txt
D:\Documents and Settings\User\Cookies\user@ad.associatedcontent[1].txt
D:\Documents and Settings\User\Cookies\user@ad.yieldmanager[2].txt
D:\Documents and Settings\User\Cookies\user@ad.yieldmanager[3].txt
D:\Documents and Settings\User\Cookies\user@ad.yieldmanager[4].txt
D:\Documents and Settings\User\Cookies\user@ad.yieldmanager[5].txt
D:\Documents and Settings\User\Cookies\user@adbrite[2].txt
D:\Documents and Settings\User\Cookies\user@adinterax[1].txt
D:\Documents and Settings\User\Cookies\user@adrevolver[2].txt
D:\Documents and Settings\User\Cookies\user@ads.associatedcontent[1].txt
D:\Documents and Settings\User\Cookies\user@ads.pointroll[1].txt
D:\Documents and Settings\User\Cookies\user@ads.telegraph.co[1].txt
D:\Documents and Settings\User\Cookies\user@ads.telegraph.co[2].txt
D:\Documents and Settings\User\Cookies\user@adserver.adreactor[1].txt
D:\Documents and Settings\User\Cookies\user@adstat.4u[1].txt
D:\Documents and Settings\User\Cookies\user@adtech[1].txt
D:\Documents and Settings\User\Cookies\user@advertising[1].txt
D:\Documents and Settings\User\Cookies\user@adviva[1].txt
D:\Documents and Settings\User\Cookies\user@apmebf[2].txt
D:\Documents and Settings\User\Cookies\user@associatedcontent.112.2o7[1].txt
D:\Documents and Settings\User\Cookies\user@at.atwola[2].txt
D:\Documents and Settings\User\Cookies\user@atdmt[2].txt
D:\Documents and Settings\User\Cookies\user@bs.serving-sys[1].txt
D:\Documents and Settings\User\Cookies\user@burstnet[2].txt
D:\Documents and Settings\User\Cookies\user@c7.zedo[2].txt
D:\Documents and Settings\User\Cookies\user@casalemedia[2].txt
D:\Documents and Settings\User\Cookies\user@cdn5.specificclick[2].txt
D:\Documents and Settings\User\Cookies\user@cgm.adbureau[2].txt
D:\Documents and Settings\User\Cookies\user@chitika[1].txt
D:\Documents and Settings\User\Cookies\user@chitika[2].txt
D:\Documents and Settings\User\Cookies\user@clickbank[1].txt
D:\Documents and Settings\User\Cookies\user@collective-media[1].txt
D:\Documents and Settings\User\Cookies\user@content.yieldmanager[1].txt
D:\Documents and Settings\User\Cookies\user@content.yieldmanager[2].txt
D:\Documents and Settings\User\Cookies\user@content.yieldmanager[4].txt
D:\Documents and Settings\User\Cookies\user@dealtime[1].txt
D:\Documents and Settings\User\Cookies\user@decho.122.2o7[1].txt
D:\Documents and Settings\User\Cookies\user@dmtracker[1].txt
D:\Documents and Settings\User\Cookies\user@doubleclick[1].txt
D:\Documents and Settings\User\Cookies\user@earthlink.122.2o7[1].txt
D:\Documents and Settings\User\Cookies\user@eas.apm.emediate[1].txt
D:\Documents and Settings\User\Cookies\user@eb.adbureau[2].txt
D:\Documents and Settings\User\Cookies\user@ehg-newscientist.hitbox[2].txt
D:\Documents and Settings\User\Cookies\user@fastclick[1].txt
D:\Documents and Settings\User\Cookies\user@hitbox[1].txt
D:\Documents and Settings\User\Cookies\user@hookedmediagroup[1].txt
D:\Documents and Settings\User\Cookies\user@hypertracker[1].txt
D:\Documents and Settings\User\Cookies\user@iacas.adbureau[2].txt
D:\Documents and Settings\User\Cookies\user@imrworldwide[2].txt
D:\Documents and Settings\User\Cookies\user@insightexpressai[1].txt
D:\Documents and Settings\User\Cookies\user@interclick[2].txt
D:\Documents and Settings\User\Cookies\user@kontera[2].txt
D:\Documents and Settings\User\Cookies\user@link.mercent[1].txt
D:\Documents and Settings\User\Cookies\user@m1.webstats.motigo[2].txt
D:\Documents and Settings\User\Cookies\user@media.adrevolver[1].txt
D:\Documents and Settings\User\Cookies\user@mediaplex[2].txt
D:\Documents and Settings\User\Cookies\user@metacafe.122.2o7[1].txt
D:\Documents and Settings\User\Cookies\user@microsoftwindows.112.2o7[1].txt
D:\Documents and Settings\User\Cookies\user@msnportal.112.2o7[1].txt
D:\Documents and Settings\User\Cookies\user@newmediacampaigns[2].txt
D:\Documents and Settings\User\Cookies\user@overture[2].txt
D:\Documents and Settings\User\Cookies\user@questionmarket[1].txt
D:\Documents and Settings\User\Cookies\user@realmedia[1].txt
D:\Documents and Settings\User\Cookies\user@revsci[1].txt
D:\Documents and Settings\User\Cookies\user@revsci[2].txt
D:\Documents and Settings\User\Cookies\user@revsci[4].txt
D:\Documents and Settings\User\Cookies\user@richmedia.yahoo[1].txt
D:\Documents and Settings\User\Cookies\user@roiservice[1].txt
D:\Documents and Settings\User\Cookies\user@server.iad.liveperson[2].txt
D:\Documents and Settings\User\Cookies\user@server.iad.liveperson[3].txt
D:\Documents and Settings\User\Cookies\user@server.iad.liveperson[4].txt
D:\Documents and Settings\User\Cookies\user@serving-sys[1].txt
D:\Documents and Settings\User\Cookies\user@skype.122.2o7[1].txt
D:\Documents and Settings\User\Cookies\user@specificclick[2].txt
D:\Documents and Settings\User\Cookies\user@spylog[1].txt
D:\Documents and Settings\User\Cookies\user@stat.dealtime[1].txt
D:\Documents and Settings\User\Cookies\user@statcounter[1].txt
D:\Documents and Settings\User\Cookies\user@statcounter[3].txt
D:\Documents and Settings\User\Cookies\user@sussex.ac[2].txt
D:\Documents and Settings\User\Cookies\user@tacoda[1].txt
D:\Documents and Settings\User\Cookies\user@tacoda[3].txt
D:\Documents and Settings\User\Cookies\user@track.asus[1].txt
D:\Documents and Settings\User\Cookies\user@tradedoubler[2].txt
D:\Documents and Settings\User\Cookies\user@trafficmp[1].txt
D:\Documents and Settings\User\Cookies\user@tribalfusion[1].txt
D:\Documents and Settings\User\Cookies\user@tribalfusion[2].txt
D:\Documents and Settings\User\Cookies\user@warez-bb[2].txt
D:\Documents and Settings\User\Cookies\user@www.burstnet[1].txt
D:\Documents and Settings\User\Cookies\user@www.googleadservices[1].txt
D:\Documents and Settings\User\Cookies\user@www.googleadservices[2].txt
D:\Documents and Settings\User\Cookies\user@www.googleadservices[3].txt
D:\Documents and Settings\User\Cookies\user@www.googleadservices[4].txt
D:\Documents and Settings\User\Cookies\user@www.googleadservices[5].txt
D:\Documents and Settings\User\Cookies\user@www.googleadservices[7].txt
D:\Documents and Settings\User\Cookies\user@www.newmediacampaigns[1].txt
D:\Documents and Settings\User\Cookies\user@www.warez-bb[2].txt
D:\Documents and Settings\User\Cookies\user@zedo[2].txt

Adware.MyWebSearch/FunWebProducts
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version

Trojan.VideoCach/Gen
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\ProxyStubClsid
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\ProxyStubClsid32
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\TypeLib
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\TypeLib#Version

Rogue.WinPCDefender
HKU\S-1-5-21-3551052786-2972405085-912911702-1000\Software\WinPC Defender

Adware.SelectRebates
C:\Program Files\SELECTREBATES

#7 emboars

emboars
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 26 February 2011 - 05:52 AM

gmer

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-26 16:00:51
Windows 6.0.6000 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-5 SAMSUNG_HD252KJ rev.CM100-12
Running: 6lwr8bxd.exe; Driver: C:\Users\User\AppData\Local\Temp\kxtdapob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8EE34E06]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8EE34F84]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8EE35014]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8EE33DF8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8EE344EA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8EE34816]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x8EE33F66]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8EE346EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x8EE339D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8EE345AA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8EE33B8C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8EE34948]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8EE3464C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x8EE340C4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8EE348B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x8EE33E34]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8EE34786]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8EE3545C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8EE349EA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8EE35214]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8EE34D74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8EE34C3A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8EE341F0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8EE352C8]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x8FE26620]

INT 0x06 \??\C:\Windows\system32\drivers\Haspnt.sys 8D0FF16D
INT 0x0E \??\C:\Windows\system32\drivers\Haspnt.sys 8D0FEFC2
INT 0x52 ? 850D4BF8
INT 0x52 ? 850D4BF8
INT 0x52 ? 850D4BF8
INT 0x52 ? 850D4BF8
INT 0x52 ? 86105BF8
INT 0x52 ? 850D4BF8
INT 0x62 ? 86105BF8
INT 0x72 ? 86105BF8
INT 0x82 ? 850D4BF8
INT 0x82 ? 850D4BF8
INT 0x82 ? 86105BF8
INT 0x82 ? 86105BF8
INT 0x82 ? 850D4BF8
INT 0xA3 ? 86105BF8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 380 8248088C 4 Bytes JMP 388EE344
? System32\Drivers\sphh.sys The system cannot find the path specified. !
.text USBPORT.SYS!DllUnload 8B84BACF 5 Bytes JMP 861051D8
.text ayq17z3t.SYS 8E28E000 22 Bytes [8E, 71, 7A, 82, 78, 70, 7A, ...]
.text ayq17z3t.SYS 8E28E017 95 Bytes [00, 99, F7, 67, 80, A4, F5, ...]
.text ayq17z3t.SYS 8E28E077 85 Bytes [82, C6, 2E, 48, 82, E4, 85, ...]
.text ayq17z3t.SYS 8E28E0CE 73 Bytes [00, 00, 00, 00, 01, C2, 03, ...]
.text ayq17z3t.SYS 8E28E118 185 Bytes [3F, 48, 3E, 8A, 3C, CC, 3D, ...]
.text ...
.text C:\Windows\system32\drivers\hardlock.sys section is writeable [0xA7156400, 0x87EE2, 0xE8000020]
.protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA71FA620] C:\Windows\system32\drivers\hardlock.sys entry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0xA71FA620]
.protect˙˙˙˙hardlockunknown last code section [0xA71FA400, 0x5126, 0xE0000020] C:\Windows\system32\drivers\hardlock.sys unknown last code section [0xA71FA400, 0x5126, 0xE0000020]

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] C:\Windows\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] USER32.dll!DispatchMessageA + 4ED 767B4168 4 Bytes [70, 11, 32, 6D]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] C:\Windows\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] USER32.dll!DispatchMessageA + 4ED 767B4168 4 Bytes [70, 11, 32, 6D]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [82D016D6] \SystemRoot\System32\Drivers\sphh.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [82D01042] \SystemRoot\System32\Drivers\sphh.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [82D01800] \SystemRoot\System32\Drivers\sphh.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [82D010C0] \SystemRoot\System32\Drivers\sphh.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [82D0113E] \SystemRoot\System32\Drivers\sphh.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [82D10E9C] \SystemRoot\System32\Drivers\sphh.sys
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortNotification] 000000DC
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortWritePortUchar] 000000A2
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortWritePortUlong] 00000333
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 000003D8
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 0000024D
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortGetScatterGatherList] 00000201
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortReadPortUchar] 000001EF
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortStallExecution] 0000031F
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortGetParentBusType] 000000A1
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortRequestCallback] 0000025C
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 000003BE
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 00000215
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortCompleteRequest] 000000DD
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 00000190
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 00000182
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortMoveMemory] 00000363
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortReadPortUshort] 00000258
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 0000030E
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 0000017E
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortInitialize] 00000254
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortGetDeviceBase] 0000019E
IAT \SystemRoot\System32\Drivers\ayq17z3t.SYS[ataport.SYS!AtaPortDeviceStateChange] 000000AB

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74BDFD78] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74BABBF1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74B9A31F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74B9CBFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74B98AB2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74BAD168] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74B97D98] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74B97CFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74B96A54] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74C2C1BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74BB80FE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74B990CD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74BA223C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74BA2267] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74BA771C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74BA753E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1204] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74BD8585] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16683_none_9ea0f08ac96e2537\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 001701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 00170240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 001702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00170470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 001704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 003F0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 003F08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 003F0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 003F09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 003F0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 003F0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 001705C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 00170630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 00170710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00170780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 001707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 003F0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 003F0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 00170860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 003F0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 003F0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 003F0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 003F0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 001709B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 003F0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 003F0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00170A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00170B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00170B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00170BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 003F0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 003F0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 003F0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 76B40550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B405C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 76B40630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 76B406A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 76B40710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 76B40780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00170C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00170CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B407F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 76B40860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 76B408D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 76B40940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 76B409B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 76B40A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 76B40F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00D30010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00D30080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00D300F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00D30160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00D301D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 77DE0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 77DE04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 77DE0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 77DE0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00D30240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00D302B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D30320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] 00D30390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 77DE07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 77DE0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D304E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00D30550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 77DE08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00D305C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00D30630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00D306A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00D30710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00D30780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00D307F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00D30860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 77DE0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00D308D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 77DE0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00D30940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00D309B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77DE0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00D30A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D30A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00D30B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00D30B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00D30BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00D30C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00D30CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 77DE0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00D30D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 77DE0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00D30DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 77DE0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D30E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00D30E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00D30EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00D30F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00D40010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00D40080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 00D400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 77DE0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 77DE0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 77DE0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 77DE0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D40F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00D50010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00D50080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 00D500F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00D50160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00D501D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00D50780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00D50B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00D50BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00D50C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00D50CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D50D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00D50DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 77DE0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 76B40160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 76B40390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 77DE01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 76B401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 76B40400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 77DE02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 76B40390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 76B401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 77DE0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77DE0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 76B40400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 76B40160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SAMLIB.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 76B40400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 76B40470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 76B40160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 76B40390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2956] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 76B401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 001701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 00170240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 001702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00170470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 001704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B80860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00B808D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00B80940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00B809B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00B80A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00B80A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 001705C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 00170630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 00170710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00170780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 001707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00B80B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00B80B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 00170860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00B80BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00B80C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00B80CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00B80D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 001709B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B80DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00B80E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00170A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00170B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00170B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00170BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00B80E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00B80EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00B80F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 76B40550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B405C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 76B40630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 76B406A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 76B40710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 76B40780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00170C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00170CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B407F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 76B40860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 76B408D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 76B40940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 76B409B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 76B40A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 76B40F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00B90010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00B90080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00B900F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00B90160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00B901D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 77DE0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 77DE04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 77DE0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 77DE0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00B90240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00B902B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B90320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] 00B90390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 77DE07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 77DE0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B904E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00B90550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 77DE08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00B905C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00B90630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00B906A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00B90710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00B90780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00B907F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00B90860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 77DE0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00B908D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 77DE0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00B90940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00B909B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77DE0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00B90A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B90A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00B90B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00B90B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00B90BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00B90C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00B90CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 77DE0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00B90D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 77DE0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00B90DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 77DE0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B90E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00B90E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00B90EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00B90F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00BA0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00BA0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 00BA00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 77DE0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 77DE0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 77DE0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 77DE0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00BF0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00BF0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 00BF00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00BF0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00BF01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00BF0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00BF0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00BF0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00BF0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00C00010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00C00080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00C000F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77DE0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 76B40400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 76B40160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 76B40160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 76B40390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 77DE01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 76B401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 76B40400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 76B40400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 76B40470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 76B40160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!HeapFree] 77DE0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 76B40390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 76B401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76B404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 77DE02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 76B400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 76B40240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 76B402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 76B40390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 76B401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 77DE0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3168] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 77DE0010

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 850DA1F8
Device \FileSystem\fastfat \FatCdrom 8777A500
Device \Driver\volmgr \Device\VolMgrControl 850D61F8
Device \Driver\usbuhci \Device\USBPDO-0 861061F8
Device \Driver\usbuhci \Device\USBPDO-1 861061F8
Device \Driver\usbuhci \Device\USBPDO-2 861061F8
Device \Driver\sptd \Device\3240650608 sphh.sys
Device \Driver\usbehci \Device\USBPDO-3 860F3500
Device \Driver\usbuhci \Device\USBPDO-4 861061F8

AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

Device \Driver\usbuhci \Device\USBPDO-5 861061F8
Device \Driver\usbuhci \Device\USBPDO-6 861061F8
Device \Driver\volmgr \Device\HarddiskVolume1 850D61F8
Device \Driver\usbehci \Device\USBPDO-7 860F3500
Device \Driver\volmgr \Device\HarddiskVolume2 850D61F8
Device \Driver\cdrom \Device\CdRom0 860BB1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 850D81F8
Device \Driver\atapi \Device\Ide\IdePort0 850D81F8
Device \Driver\atapi \Device\Ide\IdePort1 850D81F8
Device \Driver\atapi \Device\Ide\IdePort2 850D81F8
Device \Driver\atapi \Device\Ide\IdePort3 850D81F8
Device \Driver\atapi \Device\Ide\IdePort4 850D81F8
Device \Driver\atapi \Device\Ide\IdePort5 850D81F8
Device \Driver\atapi \Device\Ide\IdeDeviceP4T0L0-5 850D81F8
Device \Driver\volmgr \Device\HarddiskVolume3 850D61F8
Device \Driver\cdrom \Device\CdRom1 860BB1F8
Device \Driver\volmgr \Device\HarddiskVolume4 850D61F8
Device \Driver\netbt \Device\NetBt_Wins_Export 86C7B500
Device \Driver\Smb \Device\NetbiosSmb 86C751F8
Device \Driver\PCI_PNP8581 \Device\0000004e sphh.sys
Device \Driver\iScsiPrt \Device\RaidPort0 861DC1F8

AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

Device \Driver\usbuhci \Device\USBFDO-0 861061F8
Device \Driver\usbuhci \Device\USBFDO-1 861061F8
Device \Driver\usbuhci \Device\USBFDO-2 861061F8
Device \Driver\netbt \Device\NetBT_Tcpip_{FD052012-39F1-4F62-93EB-CC4F6EF8BF5E} 86C7B500
Device \Driver\usbehci \Device\USBFDO-3 860F3500
Device \Driver\usbuhci \Device\USBFDO-4 861061F8
Device \Driver\usbuhci \Device\USBFDO-5 861061F8
Device \Driver\netbt \Device\NetBT_Tcpip_{FE9267FF-6160-469E-961C-823A7F0B5975} 86C7B500
Device \Driver\usbuhci \Device\USBFDO-6 861061F8
Device \Driver\usbehci \Device\USBFDO-7 860F3500
Device \Driver\ayq17z3t \Device\Scsi\ayq17z3t1Port7Path0Target0Lun0 861D91F8
Device \Driver\ayq17z3t \Device\Scsi\ayq17z3t1 861D91F8
Device \FileSystem\fastfat \Fat 8777A500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\cdfs \Cdfs 86E951F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x38 0x0F 0x98 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x37 0x91 0xEE 0xE9 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 f:\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x93 0x0C 0x9D 0x76 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE3 0x21 0x2B 0x87 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x53 0x00 0xE5 0x2C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 f:\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xBD 0xDE 0x29 0xC4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDD 0x16 0xE1 0xFA ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x38 0x0F 0x98 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x37 0x91 0xEE 0xE9 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 f:\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x93 0x0C 0x9D 0x76 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE3 0x21 0x2B 0x87 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x53 0x00 0xE5 0x2C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 f:\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xBD 0xDE 0x29 0xC4 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDD 0x16 0xE1 0xFA ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B4EB3E8F-9D7C-97D1-579C-91BF4683A9FF}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B4EB3E8F-9D7C-97D1-579C-91BF4683A9FF}@macpegknaggjkmfppppeiinoke 0x61 0x61 0x00 0x76
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B4EB3E8F-9D7C-97D1-579C-91BF4683A9FF}@abdpjdiadjabciboijaeadflpeobglgdca 0x61 0x61 0x00 0x76

---- EOF - GMER 1.0.15 ----

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:29 PM

Posted 26 February 2011 - 06:17 AM

I see three issues that indicate the use of pirated software:

IMPORTANT NOTE: Your scan log results indicate you are using keygens/crack tools.

The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so we need to ensure they have been removed.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!


The "Objects scanned" above says 481k files - but Norton scanned 935k files, and took 3.5 hours.


The speed and ability to complete an anti-virus or anti-malware scan depends on a variety of factors.
  • The program itself and how its scanning engine is designed to scan: using a signature database vs heuristic scanning or a combination of both.
  • Options to scan for spyware, adware, riskware and potentially unwanted programs (PUPS).
  • Options to scan memory, boot sectors, registry and alternate data streams (ADS).
  • Type of scan performed: Deep, Quick or Custom scanning.
  • What action has to be performed when malware is detected.
  • A computer's hard drive size.
  • Disk used capacity (number of files to include temporary files) that have to be scanned.
  • Types of files (.exe, .dll, .sys, .cab, archived, compressed, packed, email, etc) that are scanned.
  • Whether external drives are included in the scan.
  • Competition for and utilization of system resources by the scanner.
  • Other running processes and programs in the background.
  • Interference from malware.
  • Interference from the user.
-- Using two security scanning engines at the same time can cause each to interfere with the other, cause systems hangs, false detections, unreliable results and other unpredictable behavior.

-- If the screensaver, hibernation or Sleep Mode are not turned off before scanning, those features can sometimes have odd effects when attempting to resume normal mode.


Note: It is not unusual for an anti-virus or anti-malware scanner to be suspicious of some compressed, archived, .cab .jar and packed files because they have difficulty reading what is inside them. These kind of files often trigger alerts by security software using heuristic detection because they are resistant to scanning (difficult to read). This resistance may also result in some scanners to stall (hang) on these particular types of files or just ignore (skip) them. Certain files in the System Volume Information Folder like the Tracking.log (created by the Distributed Link Tracking Service to store maintenance information) have also been reported as a source causing some scanners to hang.


Complements of Quietman7



With that said, I think these requires a deeper look at the issues:

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Edited by cryptodan, 26 February 2011 - 06:19 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users