Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SVChost.exe Memory Leak


  • Please log in to reply
9 replies to this topic

#1 ChapterOmega

ChapterOmega

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 13 January 2012 - 12:40 PM

Soon after I start up my computer svchost.exe's memory usage starts climbing until my CPU Usage is at 100%.

I have run Malwarebytes (full scan and quick scan) and it did not detect any problems.

I also tried doing this : http://www.technibble.com/how-to-fix-svchost-using-100-cpu-memory-leak/
but had no luck.

I used Process Explorer to see what services this svchost.exe is running and these are the results that I received:

BITS
EventSystem
Nla
SENS
TapiSrv
winmgmt

I am running Windows XP Home Edition Service Pack 3.

Intel® Pentium® Dual CPU
E2140 @1.60GHz
1.60 GHz 1.00GB of RAM

Thank you for any help you can give.

Edited by hamluis, 13 January 2012 - 01:49 PM.
Moved from XP to Am I Infected.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:39 PM

Posted 13 January 2012 - 05:07 PM

Hello and welcome.
I need to ask if you updated MBAM [rior to scanning?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.


Finally

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ChapterOmega

ChapterOmega
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 16 January 2012 - 04:45 PM

Yes, I updated Malwarebytes before I ran it, but still no infected results.

Here is the rest of the info you requested. TDSSkiller found one infected file and required a reboot.

MiniToolBox by Farbar
Ran by User (administrator) on 16-01-2012 at 13:12:01
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : user-14781e6657

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection #2

Physical Address. . . . . . . . . : 00-1A-A0-9E-F5-26

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.104

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 167.206.254.2

167.206.254.1

Lease Obtained. . . . . . . . . . : Monday, January 16, 2012 8:36:19 AM

Lease Expires . . . . . . . . . . : Tuesday, January 17, 2012 8:36:19 AM

Server: vdns2.srv.hcvlny.cv.net
Address: 167.206.254.2

Name: google.com
Addresses: 74.125.115.104, 74.125.115.147, 74.125.115.105, 74.125.115.103
74.125.115.99, 74.125.115.106



Pinging google.com [74.125.115.104] with 32 bytes of data:



Reply from 74.125.115.104: bytes=32 time=107ms TTL=51

Reply from 74.125.115.104: bytes=32 time=26ms TTL=51



Ping statistics for 74.125.115.104:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 26ms, Maximum = 107ms, Average = 66ms

Server: vdns2.srv.hcvlny.cv.net
Address: 167.206.254.2

Name: yahoo.com
Addresses: 98.137.149.56, 98.139.180.149, 209.191.122.70, 72.30.2.43



Pinging yahoo.com [98.137.149.56] with 32 bytes of data:



Reply from 98.137.149.56: bytes=32 time=119ms TTL=50

Reply from 98.137.149.56: bytes=32 time=125ms TTL=50



Ping statistics for 98.137.149.56:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 119ms, Maximum = 125ms, Average = 122ms

Server: vdns2.srv.hcvlny.cv.net
Address: 167.206.254.2

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1a a0 9e f5 26 ...... Intel® 82562V-2 10/100 Network Connection #2 - Teefer2 Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.104 192.168.1.104 30
192.168.1.0 255.255.255.0 192.168.1.104 192.168.1.104 20
192.168.1.104 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.104 192.168.1.104 20
224.0.0.0 240.0.0.0 192.168.1.104 192.168.1.104 20
255.255.255.255 255.255.255.255 192.168.1.104 192.168.1.104 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/13/2012 02:29:29 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ113.tmp by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 02:05:01 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: c:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ1B3.tmp by: Manual scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 02:00:39 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ112.tmp by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 01:46:45 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: c:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ1B2.tmp by: Manual scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 01:20:37 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\sor.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 01:03:30 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\sgg.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 00:54:50 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.60.0.59, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000108f3.
Processing media-specific event for [mbam.exe!ws!]

Error: (01/13/2012 00:43:00 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\nqi.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 00:27:02 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\jqo.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 00:07:30 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\Documents and Settings\LocalService\Local Settings\Application Data\tuf.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.


System errors:
=============
Error: (01/13/2012 00:40:37 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (01/13/2012 10:51:05 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (01/13/2012 08:40:34 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{587E9740-C556-44DF-8092-8EB2A4ED8B4A} because another computer on the network has the same name. The server could not start.

Error: (01/13/2012 08:40:34 AM) (Source: 0) (User: )
Description: USER-14781E6657:20192.168.1.104192.168.1.237

Error: (01/13/2012 08:40:20 AM) (Source: 0) (User: )
Description: USER-14781E6657:0192.168.1.104192.168.1.237

Error: (01/12/2012 00:44:16 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (01/12/2012 08:51:52 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{587E9740-C556-44DF-8092-8EB2A4ED8B4A} because another computer on the network has the same name. The server could not start.

Error: (01/12/2012 08:51:52 AM) (Source: 0) (User: )
Description: USER-14781E6657:20192.168.1.104192.168.1.237

Error: (01/12/2012 08:51:29 AM) (Source: 0) (User: )
Description: USER-14781E6657:0192.168.1.104192.168.1.237

Error: (01/11/2012 02:24:33 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{587E9740-C556-44DF-8092-8EB2A4ED8B4A} because another computer on the network has the same name. The server could not start.


Microsoft Office Sessions:
=========================
Error: (01/13/2012 02:29:29 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ113.tmp by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 02:05:01 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: c:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ1B3.tmp by: Manual scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 02:00:39 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ112.tmp by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 01:46:45 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: c:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\APQ1B2.tmp by: Manual scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 01:20:37 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\sor.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 01:03:30 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\sgg.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 00:54:50 PM) (Source: Application Error)(User: )
Description: mbam.exe1.60.0.59ntdll.dll5.1.2600.6055000108f3

Error: (01/13/2012 00:43:00 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\nqi.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 00:27:02 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\jqo.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (01/13/2012 00:07:30 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.FakeAV in File: C:\Documents and Settings\LocalService\Local Settings\Application Data\tuf.exe by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.


=========================== Installed Programs ============================

µTorrent (Version: 2.2.1)
Add or Remove Adobe Creative Suite 3 Master Collection (Version: 1.0)
Adobe Acrobat 8 Professional (Version: 8.1.0)
Adobe After Effects CS3 (Version: 8)
Adobe After Effects CS3 Presets (Version: 8)
Adobe AIR (Version: 2.6.0.19120)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash CS3 (Version: 9.0)
Adobe Flash Player 10 ActiveX (Version: 10.2.153.1)
Adobe Flash Player 10 Plugin (Version: 10.2.153.1)
Adobe Flash Player 9 ActiveX (Version: 9.0.45.0)
Adobe Flash Video Encoder (Version: 2.0)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 (Version: 5.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Setup (Version: 1.0)
Adobe SING CS3 (Version: 0.1)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Video Profiles (Version: 1.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
AHV content for Acrobat and Flash (Version: 1)
AOL Uninstaller (Choose which Products to Remove)
CanoScan LiDE 90
Facemoods Toolbar
Intel® PRO Network Connections Drivers
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
JDownloader 0.9 (Version: 0.9)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.83)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
MessagePal (Version: 1.8.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)
Nero OEM
OKI Color Swatch Utility (Version: 2.11.0000)
OKI Network Extension (Version: 1.00.000)
PDF Settings (Version: 1.0)
Perfect Photo Suite 5.5.3 (Version: 5.5.3)
Photodex Presenter
PowerDVD
PowerISO (Version: 4.7)
ProShow Gold
Realtek High Definition Audio Driver (Version: 5.10.0.5408)
SJA-Mount-small (Version: 1)
SJA-Mount-small (Version: v1)
Spyder2PRO
Symantec Endpoint Protection Small Business Edition (Version: 12.0.122.192)
System Requirements Lab
Uninstall AOL Emergency Connect Utility 1.0
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Search 4.0 (Version: 04.00.6001.503)
WinRAR 4.00 (32-bit) (Version: 4.00.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 76%
Total physical RAM: 1022.1 MB
Available physical RAM: 240.11 MB
Total Pagefile: 2969.31 MB
Available Pagefile: 1666.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.57 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:149.05 GB) (Free:72.65 GB) NTFS
4 Drive f: () (Removable) (Total:3.69 GB) (Free:3.21 GB) FAT32
5 Drive w: (DATA) (Network) (Total:1863.01 GB) (Free:87.11 GB) NTFS

========================= Users: ========================================

User accounts for \\

Acronis Agent User Administrator ASPNET
Guest HelpAssistant SUPPORT_388945a0
User

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

TDSS----

13:13:52.0451 0364 TDSS rootkit removing tool 2.7.2.0 Jan 14 2012 20:07:30
13:13:52.0669 0364 ============================================================
13:13:52.0669 0364 Current date / time: 2012/01/16 13:13:52.0669
13:13:52.0669 0364 SystemInfo:
13:13:52.0669 0364
13:13:52.0669 0364 OS Version: 5.1.2600 ServicePack: 3.0
13:13:52.0669 0364 Product type: Workstation
13:13:52.0669 0364 ComputerName: USER-14781E6657
13:13:52.0669 0364 UserName: User
13:13:52.0669 0364 Windows directory: C:\WINDOWS
13:13:52.0669 0364 System windows directory: C:\WINDOWS
13:13:52.0669 0364 Processor architecture: Intel x86
13:13:52.0669 0364 Number of processors: 2
13:13:52.0669 0364 Page size: 0x1000
13:13:52.0669 0364 Boot type: Normal boot
13:13:52.0669 0364 ============================================================
13:13:58.0576 0364 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000, SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
13:13:58.0576 0364 Drive \Device\Harddisk1\DR2 - Size: 0xEC580000, SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:13:58.0638 0364 Initialize success
13:14:03.0873 3636 ============================================================
13:14:03.0873 3636 Scan started
13:14:03.0873 3636 Mode: Manual;
13:14:03.0873 3636 ============================================================
13:14:12.0185 3636 .mrxsmb - ok
13:14:12.0732 3636 Abiosdsk - ok
13:14:12.0779 3636 abp480n5 - ok
13:14:12.0919 3636 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\drivers\ACPI.sys
13:14:12.0935 3636 ACPI - ok
13:14:12.0998 3636 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:14:13.0013 3636 ACPIEC - ok
13:14:13.0029 3636 adpu160m - ok
13:14:13.0091 3636 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:14:13.0154 3636 aec - ok
13:14:13.0326 3636 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
13:14:13.0357 3636 AFD - ok
13:14:13.0373 3636 Aha154x - ok
13:14:13.0419 3636 aic78u2 - ok
13:14:13.0435 3636 aic78xx - ok
13:14:13.0451 3636 AliIde - ok
13:14:13.0482 3636 amsint - ok
13:14:13.0513 3636 asc - ok
13:14:13.0529 3636 asc3350p - ok
13:14:13.0607 3636 asc3550 - ok
13:14:13.0716 3636 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:14:13.0732 3636 AsyncMac - ok
13:14:13.0888 3636 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\drivers\atapi.sys
13:14:13.0888 3636 atapi - ok
13:14:13.0919 3636 Atdisk - ok
13:14:13.0982 3636 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:14:14.0013 3636 Atmarpc - ok
13:14:14.0060 3636 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:14:14.0076 3636 audstub - ok
13:14:14.0263 3636 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:14:14.0279 3636 Beep - ok
13:14:14.0576 3636 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:14:14.0623 3636 cbidf2k - ok
13:14:14.0873 3636 cd20xrnt - ok
13:14:15.0123 3636 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:14:15.0185 3636 Cdaudio - ok
13:14:16.0763 3636 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:14:16.0779 3636 Cdfs - ok
13:14:17.0107 3636 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:14:17.0107 3636 Cdrom - ok
13:14:17.0998 3636 Changer - ok
13:14:19.0529 3636 CmdIde - ok
13:14:20.0232 3636 COH_Mon (86a22dff16e8ca67601044efe6825537) C:\WINDOWS\system32\Drivers\COH_Mon.sys
13:14:20.0310 3636 COH_Mon - ok
13:14:20.0419 3636 Cpqarray - ok
13:14:20.0466 3636 cvspydr2 (c6644d1a70c050fdd7ecbe8c3ac05313) C:\WINDOWS\system32\DRIVERS\cvspydr2.sys
13:14:20.0466 3636 cvspydr2 - ok
13:14:20.0544 3636 dac2w2k - ok
13:14:20.0935 3636 dac960nt - ok
13:14:21.0123 3636 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:14:21.0123 3636 Disk - ok
13:14:21.0248 3636 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
13:14:21.0388 3636 dmboot - ok
13:14:21.0513 3636 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
13:14:21.0513 3636 dmio - ok
13:14:21.0544 3636 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:14:21.0560 3636 dmload - ok
13:14:21.0607 3636 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:14:21.0607 3636 DMusic - ok
13:14:21.0623 3636 dpti2o - ok
13:14:21.0654 3636 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:14:21.0669 3636 drmkaud - ok
13:14:21.0701 3636 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
13:14:21.0716 3636 e1express - ok
13:14:21.0826 3636 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:14:22.0748 3636 eeCtrl - ok
13:14:22.0841 3636 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:14:22.0904 3636 EraserUtilRebootDrv - ok
13:14:23.0013 3636 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:14:23.0013 3636 Fastfat - ok
13:14:23.0044 3636 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:14:23.0044 3636 Fdc - ok
13:14:23.0060 3636 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
13:14:23.0060 3636 Fips - ok
13:14:23.0107 3636 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
13:14:23.0107 3636 Flpydisk - ok
13:14:23.0138 3636 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:14:23.0154 3636 FltMgr - ok
13:14:23.0591 3636 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:14:23.0591 3636 Fs_Rec - ok
13:14:23.0654 3636 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:14:23.0685 3636 Ftdisk - ok
13:14:23.0716 3636 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:14:23.0748 3636 Gpc - ok
13:14:23.0779 3636 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:14:23.0794 3636 HDAudBus - ok
13:14:23.0857 3636 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:14:23.0873 3636 hidusb - ok
13:14:23.0919 3636 hpn - ok
13:14:24.0013 3636 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:14:24.0044 3636 HTTP - ok
13:14:24.0060 3636 i2omgmt - ok
13:14:24.0076 3636 i2omp - ok
13:14:24.0107 3636 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
13:14:24.0123 3636 i8042prt - ok
13:14:24.0169 3636 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:14:24.0169 3636 Imapi - ok
13:14:24.0185 3636 ini910u - ok
13:14:24.0388 3636 IntcAzAudAddService (17bbbabb21f86b650b2626045a9d016c) C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:14:24.0482 3636 IntcAzAudAddService - ok
13:14:24.0498 3636 IntelIde - ok
13:14:24.0529 3636 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\drivers\intelppm.sys
13:14:24.0529 3636 intelppm - ok
13:14:24.0544 3636 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:14:24.0560 3636 Ip6Fw - ok
13:14:24.0591 3636 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:14:24.0591 3636 IpFilterDriver - ok
13:14:24.0623 3636 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:14:24.0638 3636 IpInIp - ok
13:14:24.0669 3636 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:14:24.0810 3636 IpNat - ok
13:14:24.0841 3636 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:14:24.0841 3636 IPSec - ok
13:14:24.0888 3636 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:14:24.0888 3636 IRENUM - ok
13:14:24.0935 3636 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\drivers\isapnp.sys
13:14:24.0935 3636 isapnp - ok
13:14:24.0951 3636 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:14:24.0966 3636 Kbdclass - ok
13:14:24.0982 3636 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:14:24.0982 3636 kbdhid - ok
13:14:25.0029 3636 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:14:25.0029 3636 kmixer - ok
13:14:25.0060 3636 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:14:25.0060 3636 KSecDD - ok
13:14:25.0076 3636 lbrtfdc - ok
13:14:25.0138 3636 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
13:14:25.0185 3636 MBAMSwissArmy - ok
13:14:25.0373 3636 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:14:25.0373 3636 mnmdd - ok
13:14:25.0419 3636 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
13:14:25.0435 3636 Modem - ok
13:14:25.0482 3636 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:14:25.0482 3636 Mouclass - ok
13:14:25.0529 3636 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:14:25.0529 3636 mouhid - ok
13:14:25.0560 3636 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:14:25.0560 3636 MountMgr - ok
13:14:25.0576 3636 mraid35x - ok
13:14:25.0576 3636 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:14:25.0591 3636 MRxDAV - ok
13:14:25.0623 3636 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:14:25.0654 3636 MRxSmb - ok
13:14:25.0669 3636 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:14:25.0669 3636 Msfs - ok
13:14:25.0716 3636 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:14:25.0716 3636 MSKSSRV - ok
13:14:25.0748 3636 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:14:25.0763 3636 MSPCLOCK - ok
13:14:25.0779 3636 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:14:25.0779 3636 MSPQM - ok
13:14:25.0826 3636 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:14:25.0826 3636 mssmbios - ok
13:14:25.0841 3636 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:14:25.0841 3636 Mup - ok
13:14:26.0013 3636 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120115.009\NAVENG.SYS
13:14:26.0091 3636 NAVENG - ok
13:14:26.0529 3636 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120115.009\NAVEX15.SYS
13:14:27.0060 3636 NAVEX15 - ok
13:14:27.0232 3636 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:14:27.0248 3636 NDIS - ok
13:14:27.0607 3636 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:14:27.0607 3636 NdisTapi - ok
13:14:27.0716 3636 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:14:27.0732 3636 Ndisuio - ok
13:14:27.0841 3636 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:14:27.0841 3636 NdisWan - ok
13:14:28.0248 3636 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:14:28.0263 3636 NDProxy - ok
13:14:28.0341 3636 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:14:28.0341 3636 NetBIOS - ok
13:14:28.0373 3636 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:14:28.0373 3636 NetBT - ok
13:14:28.0529 3636 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:14:28.0529 3636 Npfs - ok
13:14:28.0576 3636 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:14:28.0591 3636 Ntfs - ok
13:14:28.0623 3636 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:14:28.0623 3636 Null - ok
13:14:29.0044 3636 nv (5e640f37801f2d4152d11595218915cd) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:14:29.0591 3636 nv - ok
13:14:29.0732 3636 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:14:29.0732 3636 NwlnkFlt - ok
13:14:29.0763 3636 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:14:29.0779 3636 NwlnkFwd - ok
13:14:29.0826 3636 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
13:14:29.0826 3636 Parport - ok
13:14:29.0873 3636 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:14:29.0873 3636 PartMgr - ok
13:14:29.0904 3636 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
13:14:29.0904 3636 ParVdm - ok
13:14:30.0404 3636 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\drivers\pci.sys
13:14:30.0435 3636 PCI - ok
13:14:30.0638 3636 PCIDump - ok
13:14:30.0998 3636 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\pciide.sys
13:14:30.0998 3636 PCIIde - ok
13:14:32.0779 3636 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:14:32.0779 3636 Pcmcia - ok
13:14:32.0982 3636 PDCOMP - ok
13:14:33.0060 3636 PDFRAME - ok
13:14:33.0607 3636 PDRELI - ok
13:14:33.0685 3636 PDRFRAME - ok
13:14:33.0794 3636 perc2 - ok
13:14:34.0185 3636 perc2hib - ok
13:14:34.0513 3636 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:14:34.0560 3636 PptpMiniport - ok
13:14:34.0701 3636 PROCEXP151 - ok
13:14:34.0857 3636 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:14:34.0873 3636 PSched - ok
13:14:35.0154 3636 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:14:35.0185 3636 Ptilink - ok
13:14:35.0310 3636 ql1080 - ok
13:14:35.0466 3636 Ql10wnt - ok
13:14:35.0529 3636 ql12160 - ok
13:14:35.0763 3636 ql1240 - ok
13:14:35.0826 3636 ql1280 - ok
13:14:35.0888 3636 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:14:35.0888 3636 RasAcd - ok
13:14:36.0435 3636 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:14:36.0435 3636 Rasl2tp - ok
13:14:36.0560 3636 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:14:36.0560 3636 RasPppoe - ok
13:14:36.0591 3636 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:14:36.0591 3636 Raspti - ok
13:14:36.0638 3636 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:14:36.0638 3636 Rdbss - ok
13:14:36.0701 3636 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:14:36.0716 3636 RDPCDD - ok
13:14:36.0748 3636 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
13:14:36.0810 3636 RDPWD - ok
13:14:37.0013 3636 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:14:37.0013 3636 redbook - ok
13:14:37.0185 3636 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
13:14:37.0185 3636 SCDEmu - ok
13:14:37.0326 3636 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:14:37.0341 3636 Secdrv - ok
13:14:37.0466 3636 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
13:14:37.0466 3636 Serial - ok
13:14:37.0607 3636 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:14:37.0607 3636 Sfloppy - ok
13:14:37.0701 3636 Simbad - ok
13:14:38.0060 3636 Sparrow - ok
13:14:38.0138 3636 SPBBCDrv (d7bb213566e16bca372e2cb517eda907) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
13:14:38.0263 3636 SPBBCDrv - ok
13:14:38.0373 3636 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:14:38.0373 3636 splitter - ok
13:14:38.0419 3636 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:14:38.0435 3636 sr - ok
13:14:38.0513 3636 SRTSP (4d61a5c45f82e02e73019cd4b31ba6e0) C:\WINDOWS\system32\Drivers\SRTSP.SYS
13:14:38.0513 3636 SRTSP - ok
13:14:38.0544 3636 SRTSPL (932381c43c212901b38f30d6b1b54bf6) C:\WINDOWS\system32\Drivers\SRTSPL.SYS
13:14:38.0623 3636 SRTSPL - ok
13:14:38.0841 3636 SRTSPX (0fbda1995a1389ee36e5c9335c4ea3eb) C:\WINDOWS\system32\Drivers\SRTSPX.SYS
13:14:38.0841 3636 SRTSPX - ok
13:14:39.0091 3636 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:14:39.0091 3636 Srv - ok
13:14:39.0185 3636 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:14:39.0185 3636 swenum - ok
13:14:39.0419 3636 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:14:39.0419 3636 swmidi - ok
13:14:39.0607 3636 symc810 - ok
13:14:39.0623 3636 symc8xx - ok
13:14:39.0669 3636 SymEvent (c5eafb6a8c73fb26b73ee613c1a5aef6) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
13:14:39.0716 3636 SymEvent - ok
13:14:39.0732 3636 SYMREDRV (be3c117150c055e50a4caf23e548c856) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
13:14:39.0732 3636 SYMREDRV - ok
13:14:39.0763 3636 SYMTDI (7b0af4e22b32f8c5bfba5a5d53522160) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
13:14:39.0763 3636 SYMTDI - ok
13:14:39.0763 3636 sym_hi - ok
13:14:39.0779 3636 sym_u3 - ok
13:14:39.0810 3636 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:14:39.0810 3636 sysaudio - ok
13:14:39.0888 3636 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:14:39.0888 3636 Tcpip - ok
13:14:39.0919 3636 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:14:39.0966 3636 TDPIPE - ok
13:14:39.0998 3636 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:14:40.0029 3636 TDTCP - ok
13:14:40.0123 3636 Teefer2 (0dc098cc18a974e7c1e96e6846bd06e4) C:\WINDOWS\system32\DRIVERS\teefer2.sys
13:14:40.0123 3636 Teefer2 - ok
13:14:40.0169 3636 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:14:40.0169 3636 TermDD - ok
13:14:40.0185 3636 TosIde - ok
13:14:40.0263 3636 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:14:40.0263 3636 Udfs - ok
13:14:40.0279 3636 ultra - ok
13:14:40.0326 3636 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:14:40.0341 3636 Update - ok
13:14:40.0388 3636 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:14:40.0388 3636 usbehci - ok
13:14:40.0529 3636 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:14:40.0529 3636 usbhub - ok
13:14:40.0623 3636 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:14:40.0638 3636 usbscan - ok
13:14:40.0669 3636 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:14:40.0685 3636 usbstor - ok
13:14:40.0701 3636 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:14:40.0701 3636 usbuhci - ok
13:14:40.0732 3636 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:14:40.0732 3636 VgaSave - ok
13:14:40.0732 3636 ViaIde - ok
13:14:40.0763 3636 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:14:40.0763 3636 VolSnap - ok
13:14:40.0779 3636 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:14:40.0779 3636 Wanarp - ok
13:14:40.0810 3636 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
13:14:40.0810 3636 wanatw - ok
13:14:40.0826 3636 WDICA - ok
13:14:40.0873 3636 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:14:40.0873 3636 wdmaud - ok
13:14:41.0091 3636 WPS (e52098e11a66288106d1ff4951c681e5) C:\WINDOWS\system32\drivers\wpsdrvnt.sys
13:14:41.0091 3636 WPS - ok
13:14:41.0107 3636 WpsHelper (ff983a25ae6f7d3f87f26bf51f02a201) C:\WINDOWS\system32\drivers\WpsHelper.sys
13:14:41.0107 3636 WpsHelper - ok
13:14:41.0169 3636 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:14:41.0185 3636 WudfPf - ok
13:14:41.0201 3636 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:14:41.0216 3636 WudfRd - ok
13:14:41.0263 3636 MBR (0x1B8) (1f753b395539269a3484aecd505b79bd) \Device\Harddisk0\DR0
13:14:41.0294 3636 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
13:14:41.0294 3636 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
13:14:41.0326 3636 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
13:14:41.0341 3636 \Device\Harddisk1\DR2 - ok
13:14:41.0341 3636 Boot (0x1200) (40e05d4faad69ed8e81d1e88f8ceebb5) \Device\Harddisk0\DR0\Partition0
13:14:41.0341 3636 \Device\Harddisk0\DR0\Partition0 - ok
13:14:41.0357 3636 Boot (0x1200) (b8fa847d3da01391c9c55a229a0a7e10) \Device\Harddisk1\DR2\Partition0
13:14:41.0357 3636 \Device\Harddisk1\DR2\Partition0 - ok
13:14:41.0357 3636 ============================================================
13:14:41.0357 3636 Scan finished
13:14:41.0357 3636 ============================================================
13:14:41.0373 2352 Detected object count: 1
13:14:41.0373 2352 Actual detected object count: 1
13:15:04.0185 2352 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
13:15:04.0185 2352 \Device\Harddisk0\DR0 - ok
13:15:04.0185 2352 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
13:15:41.0763 1592 Deinitialize success


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-16 16:37:30
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD1600AAJS-00M0A0 rev.01.03E01
Running: cse949qd.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\kwdcqpog.sys


---- System - GMER 1.0.15 ----

SSDT 86D328E0 ZwAlertResumeThread
SSDT 86C6C3F8 ZwAlertThread
SSDT 865F45D0 ZwAllocateVirtualMemory
SSDT 86D3C570 ZwConnectPort
SSDT 866026E0 ZwCreateMutant
SSDT 86D725A0 ZwCreateThread
SSDT 860442D0 ZwFreeVirtualMemory
SSDT 86C7B658 ZwImpersonateAnonymousToken
SSDT 86CA2550 ZwImpersonateThread
SSDT 86044E60 ZwMapViewOfSection
SSDT 86045218 ZwOpenEvent
SSDT 86CBA410 ZwOpenProcessToken
SSDT 865E6690 ZwOpenThreadToken
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Symantec CMC Firewall WPS/Symantec Corporation) ZwProtectVirtualMemory [0xF78476B0]
SSDT 86056B20 ZwResumeThread
SSDT 862D6988 ZwSetContextThread
SSDT 862D5C20 ZwSetInformationProcess
SSDT 862CC998 ZwSetInformationThread
SSDT 86D3E8E0 ZwSuspendProcess
SSDT 86C845B8 ZwSuspendThread
SSDT 86C853E0 ZwTerminateProcess
SSDT 86D3E810 ZwTerminateThread
SSDT 85F2B2D0 ZwUnmapViewOfSection
SSDT 86CB8848 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2DE8 80504684 2 Bytes [90, 66]
.text ntkrnlpa.exe!ZwCallbackReturn + 2FD8 80504874 8 Bytes CALL C608CF4C
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF6A073A0, 0x5FDFF2, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[388] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DEB] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DEB] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DEB] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\aol\1260462639\ee\aolsoftware.exe[3180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DEB] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DEB] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CDD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D64] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9E78] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DEB] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1260462639\ee\AOLSoftware.exe[3732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9F05] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip wpsdrvnt.sys (Symantec CMC Firewall WPS/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (Symantec CMC Firewall WPS/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp wpsdrvnt.sys (Symantec CMC Firewall WPS/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (Symantec CMC Firewall WPS/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\SYMTDI \Device\SymTDI wpsdrvnt.sys (Symantec CMC Firewall WPS/Symantec Corporation)

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\$NtUninstallKB22755$\1849964199 0 bytes
File C:\WINDOWS\$NtUninstallKB22755$\1849964199\L 0 bytes
File C:\WINDOWS\$NtUninstallKB22755$\1849964199\U 0 bytes
File C:\WINDOWS\$NtUninstallKB22755$\2836409042 0 bytes

---- EOF - GMER 1.0.15 ----

Thank you!

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:39 PM

Posted 16 January 2012 - 05:14 PM

Hello, TDSS found and removed a serious threat. Is it running better now?
I see Symantec removed a Fake AV. Lets be sure they are gone.

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 ChapterOmega

ChapterOmega
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 17 January 2012 - 02:53 PM

The pc is running a lot faster now. Thank you very much for all your help!

Here are the results from Spyware doctor and Malwarebytes Full Scan (nothing was found on the quick scan)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/17/2012 at 10:48 AM

Application Version : 5.0.1142

Core Rules Database Version : 8134
Trace Rules Database Version: 5946

Scan type : Complete Scan
Total Scan Time : 01:46:38

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 609
Memory threats detected : 0
Registry items scanned : 36707
Registry threats detected : 0
File items scanned : 146256
File threats detected : 551

Adware.Tracking Cookie
C:\Documents and Settings\User\Cookies\user@adinterax[2].txt [ /adinterax ]
C:\Documents and Settings\User\Cookies\user@in.getclicky[1].txt [ /in.getclicky ]
C:\Documents and Settings\User\Cookies\user@interclick[2].txt [ /interclick ]
C:\Documents and Settings\User\Cookies\user@t.invitemedia[1].txt [ /t.invitemedia ]
C:\Documents and Settings\User\Cookies\user@www.windowsmedia[2].txt [ /www.windowsmedia ]
C:\Documents and Settings\User\Cookies\9P62JQIL.txt [ /pfa.rotator.hadj7.adjuggler.net ]
C:\Documents and Settings\User\Cookies\RQGCBD3T.txt [ /legolas-media.com ]
C:\Documents and Settings\User\Cookies\XAGESFGO.txt [ /insightexpressai.com ]
C:\Documents and Settings\User\Cookies\FQQCS12P.txt [ /imrworldwide.com ]
C:\Documents and Settings\User\Cookies\D8DNIKLK.txt [ /serving-sys.com ]
C:\Documents and Settings\User\Cookies\643BED0O.txt [ /pointroll.com ]
C:\Documents and Settings\User\Cookies\RT0H0OUZ.txt [ /invitemedia.com ]
C:\Documents and Settings\User\Cookies\HVD6PV9D.txt [ /adbrite.com ]
C:\Documents and Settings\User\Cookies\5YUSS3XN.txt [ /fastclick.net ]
C:\Documents and Settings\User\Cookies\FN51M0YV.txt [ /yieldmanager.net ]
C:\Documents and Settings\User\Cookies\NY22P0GQ.txt [ /www.burstnet.com ]
C:\Documents and Settings\User\Cookies\5OR33CTK.txt [ /pro-market.net ]
C:\Documents and Settings\User\Cookies\O925RQMB.txt [ /ru4.com ]
C:\Documents and Settings\User\Cookies\CCK524J7.txt [ /apmebf.com ]
C:\Documents and Settings\User\Cookies\0TJR51MI.txt [ /ad.yieldmanager.com ]
C:\Documents and Settings\User\Cookies\4M2H1GDK.txt [ /adxpose.com ]
C:\Documents and Settings\User\Cookies\0HO5WK5M.txt [ /revsci.net ]
C:\Documents and Settings\User\Cookies\LO29941T.txt [ /tribalfusion.com ]
C:\Documents and Settings\User\Cookies\RVAJ9QA5.txt [ /burstnet.com ]
C:\Documents and Settings\User\Cookies\VDGNL8YP.txt [ /media6degrees.com ]
C:\Documents and Settings\User\Cookies\GYYQJWG2.txt [ /adserver.adtechus.com ]
C:\Documents and Settings\User\Cookies\IEK288YB.txt [ /dc.tremormedia.com ]
C:\Documents and Settings\User\Cookies\FHXT05U8.txt [ /questionmarket.com ]
C:\Documents and Settings\User\Cookies\RSW8I7RA.txt [ /t.pointroll.com ]
C:\Documents and Settings\User\Cookies\ZN9419NP.txt [ /atdmt.com ]
C:\Documents and Settings\User\Cookies\97GVINQ9.txt [ /collective-media.net ]
C:\Documents and Settings\User\Cookies\CZVC3AHS.txt [ /intermundomedia.com ]
C:\Documents and Settings\User\Cookies\D2NAGS3C.txt [ /realmedia.com ]
C:\Documents and Settings\User\Cookies\KOQ6I9PW.txt [ /ads.pointroll.com ]
C:\Documents and Settings\User\Cookies\03EXG6NJ.txt [ /lucidmedia.com ]
C:\Documents and Settings\User\Cookies\ED0AMZ0Q.txt [ /ad.wsod.com ]
C:\Documents and Settings\User\Cookies\0YC6SCNU.txt [ /network.realmedia.com ]
C:\Documents and Settings\User\Cookies\5IUZOR5A.txt [ /at.atwola.com ]
C:\Documents and Settings\User\Cookies\TCJR6ZVA.txt [ /zedo.com ]
C:\Documents and Settings\User\Cookies\FYFI4KNQ.txt [ /doubleclick.net ]
C:\Documents and Settings\User\Cookies\5N50CWTB.txt [ /mediaplex.com ]
C:\Documents and Settings\User\Cookies\IOYFS09Q.txt [ /msnportal.112.2o7.net ]
C:\Documents and Settings\User\Cookies\SR82OKPV.txt [ /r1-ads.ace.advertising.com ]
C:\Documents and Settings\User\Cookies\PUY8GHGD.txt [ /c.atdmt.com ]
C:\Documents and Settings\User\Cookies\KIAHDE1L.txt [ /advertising.com ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NL7FXOXQ.txt [ Cookie:system@ru4.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1QY52WQE.txt [ Cookie:system@imrworldwide.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ISY7DCWR.txt [ Cookie:system@www.burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\AJGHWPK0.txt [ Cookie:system@fastclick.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\78HABSES.txt [ Cookie:system@dc.tremormedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\49RQQ1IN.txt [ Cookie:system@google.com/intl/en/ads/affiliatenetwork/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GDKXYSUO.txt [ Cookie:system@media6degrees.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\9B42T8J0.txt [ Cookie:system@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\88S1UF8N.txt [ Cookie:system@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\X2VM9LQR.txt [ Cookie:system@doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\G40DDRJL.txt [ Cookie:system@eyeviewads.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HGDIGS2M.txt [ Cookie:system@lucidmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\XZX1IX0K.txt [ Cookie:system@adinterax.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\4V0NS1DJ.txt [ Cookie:system@accounts.google.com/accounts/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JC9ZUR2F.txt [ Cookie:system@collective-media.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\62L9KQ91.txt [ Cookie:system@realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BVP3RQNC.txt [ Cookie:system@burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\E6GHG9OZ.txt [ Cookie:system@adbrite.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\QILAREJC.txt [ Cookie:system@ggpublishing.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BTC4EZCD.txt [ Cookie:system@yieldmanager.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Y1IT8NFN.txt [ Cookie:system@apmebf.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NU435BI9.txt [ Cookie:system@adxpose.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\K9GL36UI.txt [ Cookie:system@pro-market.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YJEI2X0S.txt [ Cookie:system@casalemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\72MAXVYK.txt [ Cookie:system@bizzclick.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\40LLSO0H.txt [ Cookie:system@tag.2bluemedia.hiro.tv/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\TFNNI6HJ.txt [ Cookie:system@questionmarket.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\5TZCX05V.txt [ Cookie:system@r1-ads.ace.advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HPPA3V36.txt [ Cookie:system@network.realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\0DYB1PN6.txt [ Cookie:system@tribalfusion.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\K4I3WWDJ.txt [ Cookie:system@adtech.de/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\C7DXLM17.txt [ Cookie:system@advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VGITWTPW.txt [ Cookie:system@citi.bridgetrack.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\B3UA4KW5.txt [ Cookie:system@ru4.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\1FSHN44C.txt [ Cookie:system@imrworldwide.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\PGO8Q1WR.txt [ Cookie:system@www.burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\5QFL2E5Y.txt [ Cookie:system@media6degrees.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\L6E5DAO1.txt [ Cookie:system@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\H5WR00PM.txt [ Cookie:system@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EIE25GG7.txt [ Cookie:system@doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\D32D6E4P.txt [ Cookie:system@lucidmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\GZ007RE7.txt [ Cookie:system@collective-media.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DD830MSL.txt [ Cookie:system@littlegreenfind.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\5TR44067.txt [ Cookie:system@realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ZIY2XLMY.txt [ Cookie:system@burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\IJA7SC77.txt [ Cookie:system@adbrite.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\F3QRQ5O2.txt [ Cookie:system@apmebf.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QQSS9H7Q.txt [ Cookie:system@adxpose.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\8XB3VPWS.txt [ Cookie:system@ad2.adfarm1.adition.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DKVT6L8X.txt [ Cookie:system@pro-market.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TBDC6DDX.txt [ Cookie:system@casalemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WBWZ50HW.txt [ Cookie:system@bizzclick.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\K3VWWH3H.txt [ Cookie:system@tag.2bluemedia.hiro.tv/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\35U81RYQ.txt [ Cookie:system@filter.plusfind.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\HIRPH27B.txt [ Cookie:system@r1-ads.ace.advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\X21X79UC.txt [ Cookie:system@tribalfusion.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EN2PTG16.txt [ Cookie:system@statcounter.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EA4DHLWF.txt [ Cookie:system@mediaservices-d.openxenterprise.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RZI942FV.txt [ Cookie:system@cdn.jemamedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BJKP6RBL.txt [ Cookie:system@advertising.com/ ]
ad.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
art.aim4media.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
cdn.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
content.yieldmanager.edgesuite.net [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
convoad.technoratimedia.net [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
crackle.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
media.heavy.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
media.oprah.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
media1.break.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
mediacast.realgravity.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
msnbcmedia.msn.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
secure-uk.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
sftrack.searchforce.net [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
tag.2bluemedia.hiro.tv [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
www.goodcholesterolcount.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\E22R259N ]
ad.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
cdn.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
media1.break.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
secure-uk.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
sftrack.searchforce.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
tag.2bluemedia.hiro.tv [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HKRS4Q8M ]
ad.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
adserv6.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
cdn.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
content.yieldmanager.edgesuite.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
countdownpage.createyourcountdown.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
ia.media-imdb.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
macromedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
speed.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C6YZAN9P ]
user.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
auslieferung.commindo-media-ressourcen.de [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.edgeadx.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.supermediastore.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.supermediastore.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.supermediastore.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
www.supermediastore.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ads.react2media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
s08.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.laminateclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.laminateclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
counters.gigya.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
adserv.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.specificmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
track.vipgamesnetwork.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
adserv.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.edgeadx.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.indieclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
trafficmack.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.adcentriconline.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.track.supercoolprizes.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.track.supercoolprizes.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.amtk-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.amtk-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.chimeraadvertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.stats.ilivid.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.andomedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
hhm.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
hhm.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.akamai.interclickproxy.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.bizfind.us [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.bizfind.us [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.bizfind.us [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ads.react2media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
hhm.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.megaclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
adup.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
adup.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
adup.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.artcitymedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
adserv6.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
adserv6.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.click.payperclick.co.il [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediaarmor.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
copilot.mediaarmor.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
web-traffic-analysis.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.orange-advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.r1-ads.ace.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
track.prd1.netshelter.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S0BEVDXW.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.timeinc.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.r1-ads.ace.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hearstugo.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.akamai.interclickproxy.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.saymedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.saymedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.w3counter.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cbs.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 344376
Time elapsed: 1 hour(s), 21 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\System Volume Information\_restore{0F4F3E1C-9D76-4C57-8CF3-51CB7E35519C}\RP181\A0027328.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0F4F3E1C-9D76-4C57-8CF3-51CB7E35519C}\RP181\A0027325.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0F4F3E1C-9D76-4C57-8CF3-51CB7E35519C}\RP181\A0027326.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0F4F3E1C-9D76-4C57-8CF3-51CB7E35519C}\RP181\A0027327.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0F4F3E1C-9D76-4C57-8CF3-51CB7E35519C}\RP181\A0027329.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0F4F3E1C-9D76-4C57-8CF3-51CB7E35519C}\RP181\A0027330.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.

(end)

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:39 PM

Posted 17 January 2012 - 03:21 PM

Nice!! Looks good to me and you're welcome.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 ChapterOmega

ChapterOmega
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 18 January 2012 - 09:57 AM

I made a new restore point and cleaned up the old ones. Thank you again for your help, and thank you for posting the preventative links as well, hopefully they will help in stopping this from happening again.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:39 PM

Posted 18 January 2012 - 04:58 PM

You're welcome... I forgot one item. You need to remove this and update Java,,,OLD -->> Java™ 6 Update 24 (Version: 6.0.240)

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u2-windows-i586.exe (or jre-7u2-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 ChapterOmega

ChapterOmega
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 20 January 2012 - 09:10 AM

I fixed Java as well. Thanks again, the computer is running almost as good as new!

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:39 PM

Posted 20 January 2012 - 09:52 PM

You're welcome.. Create another point so you know all is good at this one.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users