HJT logi

Logfile of HijackThis v1.99.1
Scan saved at 20:10:56, on 19.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Billionton\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\MSN Messenger\dw.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nikke\Desktop\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uwasa.fi/
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [*windows update] wuaruclt.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\RunServices: [*windows update] wuaruclt.exe
O4 - HKCU\..\Run: [*windows update] wuaruclt.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Billionton\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1104249563372
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

tänään alko ongelmat muutama tunti sitten. ei käynnisty resurssienhallinta eikä virustentorjuntaohjelma. just hikisesti nettiin pääsen.

 

Ja Rbottia tyrkkää

Siirrä HjT omaan hakemistoonsa -> c:\hjt

Fixaa HjT:llä (do a system scan only, merkkaa nämä ja paina fix checked):

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [*windows update] wuaruclt.exe
O4 - HKLM\..\RunServices: [*windows update] wuaruclt.exe
O4 - HKCU\..\Run: [*windows update] wuaruclt.exe

Etsi Etsi-toiminnolla ja poista, jos löytyy (myös piilotiedostoista):

wuaruclt.exe

Hae ja asenna ewido noiden ohjeiden mukaan ja tallenna raportti ->http://keskustelu.afterdawn.com/thread_view.cfm/269186

Käynnistä uudelleen, lähetä uusi HjT-loki ja ewidon raportti.

 

noniin, pitkää listaa tulossa:



Logfile of HijackThis v1.99.1
Scan saved at 21:15:54, on 19.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Billionton\Bluetooth-ohjelmisto\BTTray.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office10\POWERPNT.EXE
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Nikke\Desktop\HijackThis.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uwasa.fi/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Billionton\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1104249563372
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe





---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 21:10:20, 19.2.2006
+ Report-Checksum: 34C8174A

+ Scan result:

HKLM\SOFTWARE\Media Access -> Adware.WinAD : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup
HKU\.DEFAULT\Software\salm -> Adware.180Solutions : Cleaned with backup
HKU\S-1-5-21-1757981266-1957994488-725345543-1003\Software\LAWGA -> Adware.Richfind : Cleaned with backup
HKU\S-1-5-21-1757981266-1957994488-725345543-1003\Software\LAWGA\Local -> Adware.Richfind : Cleaned with backup
HKU\S-1-5-18\Software\salm -> Adware.180Solutions : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Nikke\Application Data\Mozilla\Firefox\Profiles\hdmri81d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@microsoftwga.112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@popunder.paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Nikke\Cookies\nikke@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Nikke\Local Settings\Temporary Internet Files\Content.IE5\UFUB212Z\loader2[1].htm -> Not-A-Virus.Exploit.VBS.Phel.n : Cleaned with backup
C:\Documents and Settings\Nikke\Start Menu\Programs\WhenU -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Nikke\Start Menu\Programs\WhenU\Uninstall.lnk -> Adware.SaveNow : Cleaned with backup
C:\Program Files\Canon\MP Navigator 1.1\mpn.exe -> Not-A-Virus.NetTool.Win32.CalcDNet.d : Cleaned with backup
:mozilla.33:C:\RECYCLER\NPROTECT\00032324.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.41:C:\RECYCLER\NPROTECT\00032324.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032324.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00032325.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032325.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032325.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.15:C:\RECYCLER\NPROTECT\00032328.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032328.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032328.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032332.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032332.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032332.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032333.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032333.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032333.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032336.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032336.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032336.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032337.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032337.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032337.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032339.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032339.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032339.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032341.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032341.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032341.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032343.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032343.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032343.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032845.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032845.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032845.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032846.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.39:C:\RECYCLER\NPROTECT\00032846.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00032846.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.10:C:\RECYCLER\NPROTECT\00032847.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.41:C:\RECYCLER\NPROTECT\00032847.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00032847.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.10:C:\RECYCLER\NPROTECT\00032848.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.41:C:\RECYCLER\NPROTECT\00032848.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00032848.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\RECYCLER\NPROTECT\00032849.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.44:C:\RECYCLER\NPROTECT\00032849.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00032849.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\RECYCLER\NPROTECT\00032850.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.44:C:\RECYCLER\NPROTECT\00032850.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00032850.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.14:C:\RECYCLER\NPROTECT\00032852.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00032852.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032852.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.14:C:\RECYCLER\NPROTECT\00032853.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00032853.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032853.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.15:C:\RECYCLER\NPROTECT\00032854.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032854.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032854.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.15:C:\RECYCLER\NPROTECT\00032855.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032855.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032855.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00032856.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032856.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032856.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00032858.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032858.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032858.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00032859.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032859.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032859.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00032864.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032864.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032864.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032865.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032865.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032865.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032930.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032930.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032930.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032931.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032931.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032931.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032932.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032932.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032932.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032934.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032934.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032934.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032936.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032936.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032936.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032937.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032937.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032937.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00032939.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032939.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032939.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00032941.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032941.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032941.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00032942.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032942.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032942.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032943.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032943.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032943.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032944.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032944.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032944.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00032947.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032947.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032947.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032948.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032948.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032948.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032949.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032949.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032949.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032950.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032950.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032950.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032954.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032954.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032954.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032979.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032979.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032979.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032980.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032980.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032980.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00032983.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00032983.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\RECYCLER\NPROTECT\00032983.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.11:C:\RECYCLER\NPROTECT\00032986.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.49:C:\RECYCLER\NPROTECT\00032986.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00032986.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.11:C:\RECYCLER\NPROTECT\00032990.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.49:C:\RECYCLER\NPROTECT\00032990.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00032990.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.12:C:\RECYCLER\NPROTECT\00032991.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00032991.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00032991.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.12:C:\RECYCLER\NPROTECT\00033039.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00033039.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033039.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\RECYCLER\NPROTECT\00033042.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00033042.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033042.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\RECYCLER\NPROTECT\00033045.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00033045.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033045.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\RECYCLER\NPROTECT\00033080.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00033080.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033080.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033083.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00033083.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033083.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033084.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033084.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033084.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033085.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033085.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033085.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033087.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033087.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033087.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033089.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033089.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033089.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033092.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033092.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033092.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033098.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033098.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033098.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033101.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033101.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033101.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033102.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033102.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033102.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033104.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033104.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033104.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033105.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033105.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033105.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033107.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033107.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033107.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00033117.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.51:C:\RECYCLER\NPROTECT\00033117.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033117.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.20:C:\RECYCLER\NPROTECT\00033136.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.52:C:\RECYCLER\NPROTECT\00033136.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.53:C:\RECYCLER\NPROTECT\00033136.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033138.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033138.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033138.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033141.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033141.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033141.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033142.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033142.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033142.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033143.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033143.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033143.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033146.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033146.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033146.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033147.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033147.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033147.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033148.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033148.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033148.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033150.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033150.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033150.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033152.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033152.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033152.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033153.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033153.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033153.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033154.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033154.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033154.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033156.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033156.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033156.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033159.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033159.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033159.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033160.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033160.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033160.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033163.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033163.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033163.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033164.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033164.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033164.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033165.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00033165.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033165.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033167.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033167.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033167.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033169.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033169.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033169.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033170.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033170.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033170.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033171.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033171.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033171.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033172.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033172.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033172.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033175.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033175.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033175.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033176.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033176.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033176.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033177.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033177.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033177.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033178.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033178.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033178.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033181.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033181.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033181.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033182.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033182.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033182.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033183.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033183.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033183.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033184.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033184.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033184.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033191.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00033191.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033191.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033206.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033206.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00033206.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033208.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033208.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00033208.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033210.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033210.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00033210.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033231.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033231.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00033231.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.30:C:\RECYCLER\NPROTECT\00033232.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033232.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00033232.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.33:C:\RECYCLER\NPROTECT\00033233.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.59:C:\RECYCLER\NPROTECT\00033233.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033233.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.33:C:\RECYCLER\NPROTECT\00033236.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.59:C:\RECYCLER\NPROTECT\00033236.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033236.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.33:C:\RECYCLER\NPROTECT\00033239.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.59:C:\RECYCLER\NPROTECT\00033239.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033239.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.33:C:\RECYCLER\NPROTECT\00033242.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.59:C:\RECYCLER\NPROTECT\00033242.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033242.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00033243.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00033243.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033243.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00033244.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00033244.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033244.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00033247.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00033247.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033247.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.40:C:\RECYCLER\NPROTECT\00033249.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00033249.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033249.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.41:C:\RECYCLER\NPROTECT\00033263.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033263.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00033263.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00033264.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033264.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00033264.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00033267.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033267.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00033267.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00033272.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033272.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00033272.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00033273.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00033273.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.66:C:\RECYCLER\NPROTECT\00033273.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.50:C:\RECYCLER\NPROTECT\00033281.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00033281.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.66:C:\RECYCLER\NPROTECT\00033281.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.53:C:\RECYCLER\NPROTECT\00033293.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.68:C:\RECYCLER\NPROTECT\00033293.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.69:C:\RECYCLER\NPROTECT\00033293.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.53:C:\RECYCLER\NPROTECT\00033294.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.68:C:\RECYCLER\NPROTECT\00033294.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.69:C:\RECYCLER\NPROTECT\00033294.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033299.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033299.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.72:C:\RECYCLER\NPROTECT\00033299.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033300.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033300.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.72:C:\RECYCLER\NPROTECT\00033300.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033308.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033308.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.72:C:\RECYCLER\NPROTECT\00033308.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033310.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033310.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.72:C:\RECYCLER\NPROTECT\00033310.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00033312.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033312.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.72:C:\RECYCLER\NPROTECT\00033312.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.58:C:\RECYCLER\NPROTECT\00033313.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.73:C:\RECYCLER\NPROTECT\00033313.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.74:C:\RECYCLER\NPROTECT\00033313.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.58:C:\RECYCLER\NPROTECT\00033316.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.73:C:\RECYCLER\NPROTECT\00033316.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.74:C:\RECYCLER\NPROTECT\00033316.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.58:C:\RECYCLER\NPROTECT\00033334.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.73:C:\RECYCLER\NPROTECT\00033334.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.74:C:\RECYCLER\NPROTECT\00033334.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033335.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033335.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.76:C:\RECYCLER\NPROTECT\00033335.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033339.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033339.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.76:C:\RECYCLER\NPROTECT\00033339.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033340.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033340.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.76:C:\RECYCLER\NPROTECT\00033340.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.60:C:\RECYCLER\NPROTECT\00033357.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033357.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.76:C:\RECYCLER\NPROTECT\00033357.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00033359.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.77:C:\RECYCLER\NPROTECT\00033359.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033359.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00033360.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.77:C:\RECYCLER\NPROTECT\00033360.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033360.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00033361.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.77:C:\RECYCLER\NPROTECT\00033361.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033361.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00033362.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.77:C:\RECYCLER\NPROTECT\00033362.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033362.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00033368.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.77:C:\RECYCLER\NPROTECT\00033368.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033368.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00033375.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.77:C:\RECYCLER\NPROTECT\00033375.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033375.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00033376.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033376.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.79:C:\RECYCLER\NPROTECT\00033376.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00033379.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033379.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.79:C:\RECYCLER\NPROTECT\00033379.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00033380.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.78:C:\RECYCLER\NPROTECT\00033380.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.79:C:\RECYCLER\NPROTECT\00033380.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033381.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.79:C:\RECYCLER\NPROTECT\00033381.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.80:C:\RECYCLER\NPROTECT\00033381.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.64:C:\RECYCLER\NPROTECT\00033385.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.79:C:\RECYCLER\NPROTECT\00033385.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.80:C:\RECYCLER\NPROTECT\00033385.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.66:C:\RECYCLER\NPROTECT\00033390.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.81:C:\RECYCLER\NPROTECT\00033390.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033390.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.66:C:\RECYCLER\NPROTECT\00033393.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.81:C:\RECYCLER\NPROTECT\00033393.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033393.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.66:C:\RECYCLER\NPROTECT\00033396.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.81:C:\RECYCLER\NPROTECT\00033396.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033396.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.67:C:\RECYCLER\NPROTECT\00033397.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033397.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033397.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.67:C:\RECYCLER\NPROTECT\00033398.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033398.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033398.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.67:C:\RECYCLER\NPROTECT\00033400.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033400.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033400.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.67:C:\RECYCLER\NPROTECT\00033404.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033404.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033404.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.67:C:\RECYCLER\NPROTECT\00033409.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00033409.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033409.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.69:C:\RECYCLER\NPROTECT\00033411.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00033411.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00033411.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.69:C:\RECYCLER\NPROTECT\00033421.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00033421.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00033421.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.69:C:\RECYCLER\NPROTECT\00033422.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00033422.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00033422.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.69:C:\RECYCLER\NPROTECT\00033423.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00033423.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00033423.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.69:C:\RECYCLER\NPROTECT\00033424.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00033424.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00033424.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033425.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00033425.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00033425.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033426.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00033426.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00033426.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033427.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00033427.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00033427.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033428.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00033428.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00033428.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033429.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00033429.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00033429.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\RECYCLER\NPROTECT\00033430.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00033430.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00033430.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.7:C:\RECYCLER\NPROTECT\00033431.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00033431.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.74:C:\RECYCLER\NPROTECT\00033431.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.89:C:\RECYCLER\NPROTECT\00033431.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.90:C:\RECYCLER\NPROTECT\00033431.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00033432.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00033432.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033432.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.90:C:\RECYCLER\NPROTECT\00033432.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.91:C:\RECYCLER\NPROTECT\00033432.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00033433.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00033433.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033433.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.90:C:\RECYCLER\NPROTECT\00033433.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.91:C:\RECYCLER\NPROTECT\00033433.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00033434.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00033434.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033434.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.90:C:\RECYCLER\NPROTECT\00033434.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.91:C:\RECYCLER\NPROTECT\00033434.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00033435.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00033435.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033435.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.90:C:\RECYCLER\NPROTECT\00033435.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.91:C:\RECYCLER\NPROTECT\00033435.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.8:C:\RECYCLER\NPROTECT\00033436.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00033436.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00033436.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.90:C:\RECYCLER\NPROTECT\00033436.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.91:C:\RECYCLER\NPROTECT\00033436.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.15:C:\RECYCLER\NPROTECT\00033437.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00033437.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.81:C:\RECYCLER\NPROTECT\00033437.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.96:C:\RECYCLER\NPROTECT\00033437.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.97:C:\RECYCLER\NPROTECT\00033437.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.15:C:\RECYCLER\NPROTECT\00033438.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00033438.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.81:C:\RECYCLER\NPROTECT\00033438.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.96:C:\RECYCLER\NPROTECT\00033438.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.97:C:\RECYCLER\NPROTECT\00033438.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033439.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033439.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033439.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033439.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033439.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033440.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033440.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033440.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033440.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033440.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033441.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033441.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033441.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033441.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033441.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033442.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033442.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033442.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033442.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033442.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033443.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033443.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033443.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033443.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033443.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033444.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033444.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033444.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033444.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033444.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033445.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033445.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033445.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033445.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033445.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00033446.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00033446.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00033446.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00033446.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00033446.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.6:C:\RECYCLER\NPROTECT\00033447.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033447.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033447.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033447.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033447.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033448.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033448.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033448.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033448.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033448.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033449.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033449.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033449.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033449.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033449.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033450.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033450.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033450.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033450.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033450.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033451.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033451.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033451.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033451.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033451.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033452.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033452.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033452.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033452.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033452.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033453.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033453.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033453.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033453.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033453.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033454.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033454.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033454.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033454.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033454.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033455.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033455.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033455.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033455.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033455.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\RECYCLER\NPROTECT\00033462.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.28:C:\RECYCLER\NPROTECT\00033462.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033462.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\RECYCLER\NPROTECT\00033462.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033462.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.26:C:\RECYCLER\NPROTECT\00033463.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.29:C:\RECYCLER\NPROTECT\00033463.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.30:C:\RECYCLER\NPROTECT\00033463.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033463.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.110:C:\RECYCLER\NPROTECT\00033463.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\RECYCLER\NPROTECT\00033464.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.30:C:\RECYCLER\NPROTECT\00033464.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.31:C:\RECYCLER\NPROTECT\00033464.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.109:C:\RECYCLER\NPROTECT\00033464.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.110:C:\RECYCLER\NPROTECT\00033464.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.30:C:\RECYCLER\NPROTECT\00033473.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.33:C:\RECYCLER\NPROTECT\00033473.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.34:C:\RECYCLER\NPROTECT\00033473.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.112:C:\RECYCLER\NPROTECT\00033473.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.113:C:\RECYCLER\NPROTECT\00033473.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.30:C:\RECYCLER\NPROTECT\00033519.MOZ -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.33:C:\RECYCLER\NPROTECT\00033519.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.34:C:\RECYCLER\NPROTECT\00033519.MOZ -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.112:C:\RECYCLER\NPROTECT\00033519.MOZ -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.113:C:\RECYCLER\NPROTECT\00033519.MOZ -> TrackingCookie.Tribalfusion : Cleaned with backup


::Report End

 

eikä vieläkään mene resurssienhallinta päälle, eikä kyllä moni muukaan ohjelma. en saanut siirrettyä tota HJT:tä C:/ ku en saa mitään sovellusta auki, millä sen siirtäisin.

 

Kokeile hoitaa hommat vikasietotilassa:

Eli naputtele F8 käynnistyksessä ENNEN kuin Windows XP-latausruutu ilmestyy.

 

joo, sitä kokeilin heti ekana. ei toiminu silläkään tavalla.

 

HjT-loki ja ewidon loki ovat ok. Yritä palauttaa järjestelmä aikaisempaan tilaan. Naputtele se käynnistysvalikko esiin ja siitä "Viimeisin toimiva kokoonpano".

 

no nyt on näpytelty... ei kyllä vieläkään toimi. missäköhän nyt mättää? rautapuolella?

 

ja kun sammuttaa/käynnistää koneen uudelleen tulee seuraavat end programit: ccapp, msnunnamedwindow, excel.exe, msmsgs.exe.

 

Nuo on ihan ok. Nortonia ja exceliä ym. lopetetaan.

Sitten kokeillaan eScania:

Hae eScan -> http://koti.mbnet.fi/pattaya1/escanmwav.htm .
Asenna, päivitä, skannaa sivulla olevien ohjeiden mukaan. Lähetä sitten "örkkitulokset" tänne (ohje tuolla sivulla, alin kuva ja sen yläpuolella oleva teksti).

 

uutta listaa.....


File C:\Documents and Settings\Nikke\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv420.jar-32a202ff-3af8af0c.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Nikke\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv514.jar-660bc3a5-1a652f14.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Nikke\Desktop\bsplayer138.828.exe tagged as not-a-virus:AdWare.Win32.SaveNow.bo. No Action Taken.
File C:\Documents and Settings\Nikke\Desktop\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File C:\Program Files\Norton AntiVirus\Quarantine\008C4221.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\00954016.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\00A26807.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\00AC65FD.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\01416E90.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\06F90798.class infected by "Trojan.Java.ClassLoader.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\07A46824.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\07D97B47.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\07DF4F40.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\07E2793D.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\07EF212E.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\089B6345.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\0E410B0D.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\0FE24E6F.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\0FE5786C.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\0FE82268.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\0FEC4C65.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\17547FED.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\18A151B9.dctmp infected by "P2P-Worm.Win32.Krepper.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1A6A49A3.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1B475797.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1B475797.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1B547F88.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1B572985.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\1BCD1103.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\1BD03B00.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\1BD364FC.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1BD60EF9.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\1CC00F49.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1CC33945.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1CD06137.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\1CD73530.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\206E7D9C.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\22A74338.exe infected by "Backdoor.Win32.Rbot.et" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\29566487.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\2F9555D8.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\2F9B29D1.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\2FB579B4.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\2FC9759E.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\314528C7.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\314D29B4.dctmp infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\315924B1.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\316D209C.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\317D728A.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\3A08750D.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\3B3C5AF6.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\3BC821CF.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\3C9F480B tagged as not-a-virus:AdWare.Win32.ActiveSearch.a. No Action Taken.
File C:\Program Files\Norton AntiVirus\Quarantine\3D4F12AC.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\3D523CA9.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\3D653893.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\3D760A81.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\40F063CD.class infected by "Trojan.Java.ClassLoader.h" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\40F063CD.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\40FD194A infected by "Trojan.Java.ClassLoader.h" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\41190032.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\45EE3685.htm infected by "Exploit.VBS.Phel.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\466649C3.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\484549F0.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\4A7E4E3C.htm infected by "Exploit.VBS.Phel.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\4BEB06ED.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\4BEF30E9.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\4BFF02D7.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\4C0656D0.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\4CE12D0E.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\4F76395F.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\4F836151.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\4F975D3B.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\4FA15B30.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\50AA09B4.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\50B15DAD.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\50BB5BA2.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\50C45997.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\516577FD.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\526202D4 tagged as not-a-virus:AdWare.Win32.ActiveSearch.a. No Action Taken.
File C:\Program Files\Norton AntiVirus\Quarantine\52EA76A2 infected by "Trojan.Java.ClassLoader.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\5AA006BB.htm infected by "Exploit.VBS.Phel.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\5AB85481 infected by "Trojan.Java.ClassLoader.h" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\5BF04F3B.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\5C002129.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\5C2818FE.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\5C4512DE.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\6080714A.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\60E25CDE.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\643A2545 infected by "Trojan.Java.ClassLoader.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\6C9361EE.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\6CCE151E tagged as not-a-virus:AdWare.Win32.ActiveSearch.a. No Action Taken.
File C:\Program Files\Norton AntiVirus\Quarantine\6D1A7598 infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\70AE71A7.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\78802A27.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\78867E20.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\78932612.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\789A7A0A.class infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\79194FA6.htm infected by "Exploit.VBS.Phel.a" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton AntiVirus\Quarantine\79406D3A.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\7DA85F59.dll tagged as not-a-virus:AdWare.Win32.WinAD.m. No Action Taken.
File C:\Program Files\Norton AntiVirus\Quarantine\7DAB0956.dll tagged as not-a-virus:AdWare.Win32.WinAD.n. No Action Taken.
File C:\Program Files\Norton AntiVirus\Quarantine\7DAB0956.exe tagged as not-a-virus:AdWare.Win32.Relevance.b. No Action Taken.
File C:\Program Files\Norton AntiVirus\Quarantine\7E043F3A.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed.
File C:\Program Files\Norton AntiVirus\Quarantine\7E1B6521.htm infected by "Exploit.VBS.Phel.a" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP354\A0096507.dll tagged as not-a-virus:AdWare.Win32.WinAD.m. No Action Taken.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP365\A0103759.exe tagged as not-a-virus:AdWare.Win32.SaveNow.bv. No Action Taken.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP365\A0103761.exe tagged as not-a-virus:AdWare.Win32.SaveNow.bt. No Action Taken.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP365\A0106791.exe tagged as not-a-virus:NetTool.Win32.Calc-DNet.d. No Action Taken.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP366\A0112870.exe infected by "Backdoor.Win32.Rbot.et" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP366\A0112871.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP366\A0112872.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{284780DF-3F51-45A5-A680-32F21DAB01E3}\RP366\A0112873.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.

 

ei kyllä vieläkään mitään ihmeellistä ole tapahtunut....

 

Kyllähän se löysi sitä sun tätä.

Tyhjennä tämä hakemisto(siis poista kaikki tiedostot, älä hakemistoa):

C:\Program Files\Norton AntiVirus\Quarantine

Jollei auta, niin lähetäs vaikka uninstall ja startup-listat HjT:stä (open misc tools -> open uninstall manager -> sieltä eteenpäin, ja open misc tools, täpit niihin kahteen ruutuun ja klikkaa generate startuplist).

 

joo, elikkäs uutta listaa pukkaa:

StartupList report, 20.2.2006, 15:21:15
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Nikke\Desktop\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files\Billionton\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\MSN Messenger\dw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Nikke\Desktop\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Nikke\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
BTTray.lnk = ?
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Zone Labs Client = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
WinampAgent = C:\Program Files\Winamp\winampa.exe
NVMixerTray = "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd
RoxioDragToDisc = "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
SM1BG = C:\WINDOWS\SM1BG.EXE
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
DAEMON Tools-1033 = "C:\Program Files\D-Tools\daemon.exe" -lang 1033
iTunesHelper = C:\Program Files\iTunes\iTunesHelper.exe
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe
ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
OpwareSE2 = "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
SpyHunter =
mwavscan = "C:\Kaspersky\mwavscan.com" /s

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{4b218e3e-bc98-4770-93d3-2731b9329278}] *
StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4}
(no name) - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Norton AntiVirus - Scan my computer - Nikke.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1104249563372

[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
NameSpace #4: C:\WINDOWS\system32\wshbth.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll
Protocol #24: C:\WINDOWS\system32\mswsock.dll
Protocol #25: C:\WINDOWS\system32\mswsock.dll
Protocol #26: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (system)
Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
AMD K7 Processor Driver: System32\DRIVERS\amdk7.sys (system)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP Client Protocol: System32\DRIVERS\arp1394.sys (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Bluetooth-äänilaite: system32\drivers\btaudio.sys (manual start)
Bluetooth-näennäistietoliikenneohjain: system32\DRIVERS\btport.sys (manual start)
Bluetooth Request Block Driver: system32\DRIVERS\BthEnum.sys (manual start)
Bluetooth Device (Personal Area Network): system32\DRIVERS\bthpan.sys (manual start)
Bluetooth Port Driver: System32\Drivers\BTHport.sys (manual start)
Bluetooth Support Service: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
Bluetooth Radio USB Driver: System32\Drivers\BTHUSB.sys (manual start)
Bluetooth-väyläluetteloija: system32\DRIVERS\btkrnl.sys (manual start)
Bluetooth Serial Driver: \??\C:\WINDOWS\system32\drivers\btserial.sys (autostart)
Bluetooth Port Client Driver: \??\C:\WINDOWS\system32\drivers\btslbcsp.sys (autostart)
Bluetooth Service: C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe (autostart)
Bluetooth-lähiverkkopalvelin: system32\DRIVERS\btwdndis.sys (manual start)
WIDCOMM USB Bluetooth Driver: System32\Drivers\btwusb.sys (manual start)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (autostart)
Symantec Password Validation: "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" (manual start)
Symantec Settings Manager: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (autostart)
CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
Indexing Service: C:\WINDOWS\System32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
C-Media WDM Audio Interface: system32\drivers\cmuda.sys (manual start)
COM+ System Application: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
d347bus: system32\DRIVERS\d347bus.sys (system)
d347prt: System32\Drivers\d347prt.sys (system)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Disk Driver: System32\DRIVERS\disk.sys (system)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM+ Event System: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
ewido security suite control: C:\Program Files\ewido anti-malware\ewidoctrl.exe (autostart)
ewido security suite driver: \??\C:\Program Files\ewido anti-malware\guard.sys (system)
ewido security suite guard: C:\Program Files\ewido anti-malware\ewidoguard.exe (autostart)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Floppy Disk Controller Driver: System32\DRIVERS\fdc.sys (manual start)
Floppy Disk Driver: System32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
Game Port Enumerator: System32\DRIVERS\gameenum.sys (manual start)
GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start)
Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: C:\WINDOWS\System32\imapi.exe (manual start)
IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
iPod-palvelu: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
IPSEC driver: System32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: System32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
Microsoft MPU-401 MIDI UART Driver: system32\drivers\msmpu401.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Norton AntiVirus Auto-Protect Service: "C:\Program Files\Norton AntiVirus\navapsvc.exe" (autostart)
NAVENG: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060215.006\NAVENG.Sys (manual start)
NAVEX15: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060215.006\NavEx15.Sys (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
NetBT: System32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
1394 Net Driver: System32\DRIVERS\nic1394.sys (manual start)
Network Location Awareness (NLA): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Norton AntiVirus Firewall Monitor Service: "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe" (autostart)
NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nvatabus: system32\DRIVERS\nvatabus.sys (system)
NVIDIA nForce Networking Legacy Driver: System32\DRIVERS\NVENET.sys (manual start)
nvidesm: system32\drivers\nvidesm.sys (system)
NVIDIA nForce AGP Bus Filter: System32\DRIVERS\nv_agp.sys (system)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
OHCI Compliant IEEE 1394 Host Controller: System32\DRIVERS\ohci1394.sys (system)
Parallel port driver: System32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Low level access layer for CD devices: System32\Drivers\Pcouffin.sys (manual start)
Volume Adapter: system32\DRIVERS\lv302af.sys (manual start)
Labtec WebCam Pro(PID_08A0): system32\DRIVERS\LV302AV.SYS (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
Microsoft IntelliPoint Filter Driver: System32\DRIVERS\point32.sys (manual start)
IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: System32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: system32\DRIVERS\PxHelp20.sys (system)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: System32\DRIVERS\rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Bluetooth Device (RFCOMM Protocol TDI): system32\DRIVERS\rfcomm.sys (manual start)
Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver: System32\DRIVERS\RTL8139.SYS (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
SAVRT: \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS (manual start)
SAVRTPEL: \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS (system)
SAVScan: "C:\Program Files\Norton AntiVirus\SAVScan.exe" (manual start)
ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (autostart)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: System32\DRIVERS\serenum.sys (manual start)
Serial port driver: System32\DRIVERS\serial.sys (system)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Symantec Network Drivers Service: "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (autostart)
SPBBCDrv: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (system)
Symantec SPBBCSvc: "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" (autostart)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
System Restore Filter Driver: System32\DRIVERS\sr.sys (system)
System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{F2223419-458E-4914-B2BF-EEE340823A35} (manual start)
Symantec Core LC: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (autostart)
SYMDNS: \SystemRoot\System32\Drivers\SYMDNS.SYS (manual start)
SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)
SYMFW: \SystemRoot\System32\Drivers\SYMFW.SYS (manual start)
SYMIDS: \SystemRoot\System32\Drivers\SYMIDS.SYS (manual start)
SYMIDSCO: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20051208.051\symidsco.sys (manual start)
symlcbrd: \??\C:\WINDOWS\system32\drivers\symlcbrd.sys (autostart)
SYMNDIS: \SystemRoot\System32\Drivers\SYMNDIS.SYS (manual start)
SYMREDRV: \SystemRoot\System32\Drivers\SYMREDRV.SYS (manual start)
SYMTDI: \SystemRoot\System32\Drivers\SYMTDI.SYS (system)
SymWMI Service: "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe" (autostart)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: System32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\System32\tlntsvr.exe (manual start)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
Universal Plug and Play Device Host: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft USB Generic Parent Driver: System32\DRIVERS\usbccgp.sys (manual start)
USB2 Enabled Hub: System32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: System32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
vsdatant: System32\vsdatant.sys (system)
TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI Performance Adapter: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*windows update = wuaruclt.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*windows update = wuaruclt.exe

--------------------------------------------------

End of report, 38 480 bytes
Report generated in 0,125 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only




Ad-Aware SE Personal
Adobe Download Manager 1.2 (Remove Only)
Adobe Reader 6.0.1 - Suomi
Apollo DVD Copy 4.2.2
ArcSoft PhotoStudio 5.5
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Azureus
Billionton Bluetooth-ohjelmisto
BitTorrent 3.4.2
Brothers In Arms
BSplayer
Call of Duty(R) 2
Canon MP Drivers 7.0
Canon MP Navigator 1.1
Canon ScanGear Starter
Canon Utilities Easy-PhotoPrint
ccCommon
C-Media WDM Audio Driver
Cypress USB Mass Storage Driver Installation
DAEMON Tools
DC++ 0.667
DivX
DivX 5.0 Pro Bundle
DivX Player
Easy-WebPrint
eMule
eMusic - 50 Free MP3 offer
ewido anti-malware
ffdshow
Google Earth
Grand Theft Auto Vice City
GTA San Andreas
HijackThis 1.99.1
IFI OnlineFoto
Internet Worm Protection
iTunes
J2SE Runtime Environment 5.0 Update 1
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
Labtec WebCam
Labtec® WebCam Driver
Language pack for Ad-Aware SE
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Macromedia Flash Player 8
Macromedia Shockwave Player
Max Payne 2
Microsoft Office XP Professional ja FrontPage
mIRC
Mozilla Firefox (1.0.7)
MSN Messenger 7.5
MSN Työkalupalkki
Napster
Norton AntiVirus 2005
Norton AntiVirus 2005 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton WMI Update
Norton WMI Update
NVIDIA Drivers
NvMixer
OmniPage SE
Opera
PDF Converter 1.1
Power Mp3 Cutter(Mp3 Sound Cutter) 1.41
QuickTime
RealPlayer
Roxio Burn Engine
Roxio Easy Media Creator 7
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Skype 1.1
SPBBC
Spybot - Search & Destroy 1.3
SpyHunter
Subtitle Workshop 2.51
Symantec
Symantec Script Blocking Installer
SymNet
testikuva ScreenSaver
TSA
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
USB Storage Adapter FX (SM1)
VideoLAN VLC media player 0.7.0
Winamp (remove only)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR-pakkausohjelma
XiRCON 1.0B4
Yahoo! Toolbar
ZoneAlarm

 

mitään ihmeempää vieläkään tapahtunu.... pitäsköhän asentaa vaan winukka uusiks?

 

Mun silmään ei satu suurempia, yks juttu kuitenkin:

Ota ensin rekisteristä näin varmuuskopio:

Suorita -> regedit -> ok. Sitten Tiedosto -> Vie. Kirjoita sille joku nimi ja sitten Tallenna(ja laita muistiin, mihin tallensit sen).

Sitten tallenna tämä alla oleva tekstinpätkä nimellä fix.reg vaikka muistiossa ja vaikka työpöydälle (tallennusmuoto kaikki tiedostot)

Tuplaklikkaa ja paina kyllä ja ok. Käynnistä kone uudelleen ja lähetä uusi startup-lista. Auttoiko?

 

ei mene vieläkään mikään päälle. mutta tässä nyt se lista:





StartupList report, 20.2.2006, 17:52:45
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Nikke\Desktop\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Billionton\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\MSN Messenger\dw.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nikke\Desktop\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Nikke\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
BTTray.lnk = ?
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Zone Labs Client = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
WinampAgent = C:\Program Files\Winamp\winampa.exe
NVMixerTray = "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd
RoxioDragToDisc = "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
SM1BG = C:\WINDOWS\SM1BG.EXE
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
DAEMON Tools-1033 = "C:\Program Files\D-Tools\daemon.exe" -lang 1033
iTunesHelper = C:\Program Files\iTunes\iTunesHelper.exe
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe
ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
OpwareSE2 = "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
SpyHunter =
mwavscan = "C:\Kaspersky\mwavscan.com" /s

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{4b218e3e-bc98-4770-93d3-2731b9329278}] *
StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4}
(no name) - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Norton AntiVirus - Scan my computer - Nikke.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1104249563372

[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
NameSpace #4: C:\WINDOWS\system32\wshbth.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll
Protocol #24: C:\WINDOWS\system32\mswsock.dll
Protocol #25: C:\WINDOWS\system32\mswsock.dll
Protocol #26: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (system)
Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
AMD K7 Processor Driver: System32\DRIVERS\amdk7.sys (system)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP Client Protocol: System32\DRIVERS\arp1394.sys (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Bluetooth-äänilaite: system32\drivers\btaudio.sys (manual start)
Bluetooth-näennäistietoliikenneohjain: system32\DRIVERS\btport.sys (manual start)
Bluetooth Request Block Driver: system32\DRIVERS\BthEnum.sys (manual start)
Bluetooth Device (Personal Area Network): system32\DRIVERS\bthpan.sys (manual start)
Bluetooth Port Driver: System32\Drivers\BTHport.sys (manual start)
Bluetooth Support Service: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
Bluetooth Radio USB Driver: System32\Drivers\BTHUSB.sys (manual start)
Bluetooth-väyläluetteloija: system32\DRIVERS\btkrnl.sys (manual start)
Bluetooth Serial Driver: \??\C:\WINDOWS\system32\drivers\btserial.sys (autostart)
Bluetooth Port Client Driver: \??\C:\WINDOWS\system32\drivers\btslbcsp.sys (autostart)
Bluetooth Service: C:\Program Files\Billionton\Bluetooth-ohjelmisto\bin\btwdins.exe (autostart)
Bluetooth-lähiverkkopalvelin: system32\DRIVERS\btwdndis.sys (manual start)
WIDCOMM USB Bluetooth Driver: System32\Drivers\btwusb.sys (manual start)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (autostart)
Symantec Password Validation: "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" (manual start)
Symantec Settings Manager: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (autostart)
CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
Indexing Service: C:\WINDOWS\System32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
C-Media WDM Audio Interface: system32\drivers\cmuda.sys (manual start)
COM+ System Application: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
d347bus: system32\DRIVERS\d347bus.sys (system)
d347prt: System32\Drivers\d347prt.sys (system)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Disk Driver: System32\DRIVERS\disk.sys (system)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM+ Event System: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
ewido security suite control: C:\Program Files\ewido anti-malware\ewidoctrl.exe (autostart)
ewido security suite driver: \??\C:\Program Files\ewido anti-malware\guard.sys (system)
ewido security suite guard: C:\Program Files\ewido anti-malware\ewidoguard.exe (autostart)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Floppy Disk Controller Driver: System32\DRIVERS\fdc.sys (manual start)
Floppy Disk Driver: System32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
Game Port Enumerator: System32\DRIVERS\gameenum.sys (manual start)
GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start)
Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: C:\WINDOWS\System32\imapi.exe (manual start)
IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
iPod-palvelu: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
IPSEC driver: System32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: System32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
Microsoft MPU-401 MIDI UART Driver: system32\drivers\msmpu401.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Norton AntiVirus Auto-Protect Service: "C:\Program Files\Norton AntiVirus\navapsvc.exe" (autostart)
NAVENG: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060215.006\NAVENG.Sys (manual start)
NAVEX15: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060215.006\NavEx15.Sys (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
NetBT: System32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
1394 Net Driver: System32\DRIVERS\nic1394.sys (manual start)
Network Location Awareness (NLA): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Norton AntiVirus Firewall Monitor Service: "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe" (autostart)
NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nvatabus: system32\DRIVERS\nvatabus.sys (system)
NVIDIA nForce Networking Legacy Driver: System32\DRIVERS\NVENET.sys (manual start)
nvidesm: system32\drivers\nvidesm.sys (system)
NVIDIA nForce AGP Bus Filter: System32\DRIVERS\nv_agp.sys (system)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
OHCI Compliant IEEE 1394 Host Controller: System32\DRIVERS\ohci1394.sys (system)
Parallel port driver: System32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Low level access layer for CD devices: System32\Drivers\Pcouffin.sys (manual start)
Volume Adapter: system32\DRIVERS\lv302af.sys (manual start)
Labtec WebCam Pro(PID_08A0): system32\DRIVERS\LV302AV.SYS (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
Microsoft IntelliPoint Filter Driver: System32\DRIVERS\point32.sys (manual start)
IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: System32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: system32\DRIVERS\PxHelp20.sys (system)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: System32\DRIVERS\rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Bluetooth Device (RFCOMM Protocol TDI): system32\DRIVERS\rfcomm.sys (manual start)
Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver: System32\DRIVERS\RTL8139.SYS (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
SAVRT: \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS (manual start)
SAVRTPEL: \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS (system)
SAVScan: "C:\Program Files\Norton AntiVirus\SAVScan.exe" (manual start)
ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (autostart)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: System32\DRIVERS\serenum.sys (manual start)
Serial port driver: System32\DRIVERS\serial.sys (system)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Symantec Network Drivers Service: "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (autostart)
SPBBCDrv: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (system)
Symantec SPBBCSvc: "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" (autostart)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
System Restore Filter Driver: System32\DRIVERS\sr.sys (system)
System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{F2223419-458E-4914-B2BF-EEE340823A35} (manual start)
Symantec Core LC: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (autostart)
SYMDNS: \SystemRoot\System32\Drivers\SYMDNS.SYS (manual start)
SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)
SYMFW: \SystemRoot\System32\Drivers\SYMFW.SYS (manual start)
SYMIDS: \SystemRoot\System32\Drivers\SYMIDS.SYS (manual start)
SYMIDSCO: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20051208.051\symidsco.sys (manual start)
symlcbrd: \??\C:\WINDOWS\system32\drivers\symlcbrd.sys (autostart)
SYMNDIS: \SystemRoot\System32\Drivers\SYMNDIS.SYS (manual start)
SYMREDRV: \SystemRoot\System32\Drivers\SYMREDRV.SYS (manual start)
SYMTDI: \SystemRoot\System32\Drivers\SYMTDI.SYS (system)
SymWMI Service: "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe" (autostart)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: System32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\System32\tlntsvr.exe (manual start)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
Universal Plug and Play Device Host: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft USB Generic Parent Driver: System32\DRIVERS\usbccgp.sys (manual start)
USB2 Enabled Hub: System32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: System32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
vsdatant: System32\vsdatant.sys (system)
TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI Performance Adapter: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*windows update = wuaruclt.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*windows update = wuaruclt.exe

--------------------------------------------------

End of report, 38 537 bytes
Report generated in 0,188 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

 

taitaapi mennä winukka uusiks?

 

Juu, korjausasennusta kannattaa ensin yrittää.