Hi!
I was told to make my own thread about this so here it is =P.
anyways, i have followed all the steps thats listed here:
http://www.daniweb.com/techtalkforums/thread50093.html
I think everything went succesfully..
Here are the reports:
This is the SmitfraudFix log t hat i posted in the thread linked above:
SmitFraudFix v2.74
Scan done at 14:02:35,84, 2006-07-21
Run from C:\Documents and Settings\Larzz\Skrivbord\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\kl.exe FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\ishost.exe FOUND !
C:\WINDOWS\system32\ismon.exe FOUND !
C:\WINDOWS\system32\isnotify.exe FOUND !
C:\WINDOWS\system32\issearch.exe FOUND !
C:\WINDOWS\system32\ixt?.dll FOUND !
C:\WINDOWS\system32\ixt??.dll FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\pmnqguh.dll FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
C:\WINDOWS\system32\components\flx?.dll FOUND !
C:\WINDOWS\system32\components\flx??.dll FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Larzz\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Larzz\FAVORI~1
C:\DOCUME~1\Larzz\FAVORI~1\Antivirus Test Online.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
C:\DOCUME~1\ALLUSE~1\SKRIVB~1\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\SKRIVB~1\Security Troubleshooting.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program
C:\Program\SpyQuake2.com\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="about
:Home"
"SubscribedURL"="about
:Home"
"FriendlyName"="Min aktuella startsida"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
And here is the HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 16:23:38, on 2006-07-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ishost.exe
C:\WINDOWS\system32\isnotify.exe
C:\WINDOWS\system32\issearch.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\ismon.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\QuickTime\qttask.exe
C:\Program\D-Tools\daemon.exe
C:\Program\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program\Logitech\Video\LogiTray.exe
C:\Program\MessengerPlus! 3\MsgPlus.exe
C:\Program\CyberLink\PowerDVD\PDVDServ.exe
C:\Program\ATI Technologies\ATI.ACE\cli.exe
C:\Program\Winamp\winampa.exe
C:\Program\SMS från Datorn Stand Alone\eSMS Executive Windows.exe
C:\Program\MSN Messenger\MsnMsgr.Exe
C:\Program\Serv-U\ServUTray.exe
C:\WINDOWS\ECURIT~1\iexplore.exe
C:\WINDOWS\M?crosoft.NET\??xplore.exe
C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program\EASYPH~1\Apache\apache.exe
C:\Program\No-IP\DUC20.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program\EASYPH~1\MySql\bin\mysqld.exe
C:\Program\EASYPH~1\Apache\apache.exe
C:\Program\Logitech\Video\FxSvr2.exe
C:\Program\No-IP\DUC20.exe
C:\Program\Serv-U\ServUDaemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\iPod\bin\iPodService.exe
C:\Program\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\ATI Technologies\ATI.ACE\cli.exe
C:\Program\ATI Technologies\ATI.ACE\cli.exe
C:\Program\Internet Explorer\iexplore.exe
C:\HIjackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.se/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: (no name) - {C3971E35-A5A5-A372-FC4C-F8EA16EC729A} - C:\WINDOWS\system32\mlfdx.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe
O4 - HKLM\..\Run: [SMS från Datorn Stand Alone] "C:\Program\SMS från Datorn Stand Alone\eSMS Executive Windows.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [ServUTrayIcon] C:\Program\Serv-U\ServUTray.exe
O4 - HKCU\..\Run: [Wnir] "C:\WINDOWS\ECURIT~1\iexplore.exe" -vt yax
O4 - HKCU\..\Run: [Cgycnby] C:\WINDOWS\M?crosoft.NET\??xplore.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: No-IP DUC.lnk = C:\Program\No-IP\DUC20.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) -
http://yax-download.yazzle.net/Yazzl...cab?refid=1123
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll C:\WINDOWS\system32\scanregw.dll
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\WINDOWS\system32\pmnqguh.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - C:\Program\EASYPH~1\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: MySQL - Unknown owner - C:\Program\EASYPH~1\MySql\bin\mysqld.exe
O23 - Service: MySQL5 - Unknown owner - C:\Program\MySQL\MySQL.exe (file missing)
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program\No-IP\DUC20.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Serv-U FTP Server (Serv-U) - Cat Soft - C:\Program\Serv-U\ServUDaemon.exe
And here is the ewido log:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 18:48:44 2006-07-22
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{3E422F49-1566-40D3-B43D-077EF739AC32} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E422F49-1566-40D3-B43D-077EF739AC32} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1844237615-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E422F49-1566-40D3-B43D-077EF739AC32} -> Adware.Generic : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\HAXBNRGB\YazzleActiveX[1].cab/YazzleActiveX.ocx -> Adware.MediaTickets : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\YazzleActiveX.ocx -> Adware.MediaTickets : Cleaned with backup (quarantined).
C:\WINDOWS\YAXUninst.exe -> Adware.MediaTickets : Cleaned with backup (quarantined).
C:\WINDOWS\system32\NaviHelper.dll -> Adware.Navi : Cleaned with backup (quarantined).
C:\WINDOWS\Mіcrosoft.NET\іеxplore.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mlfdx.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
[1396] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[252] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[300] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[312] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[472] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[536] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[600] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[876] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\HAXBNRGB\anti4[1].exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\HAXBNRGB\ff3[1] -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\fccayxv.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\pmnlk.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\g10770984.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g12878062.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g13423078.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g15519187.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g1710875.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g17275312.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g19373093.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g19919265.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g2063000.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g21898593.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g23795921.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g25741203.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g26444562.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g28395359.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g30286093.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g32283250.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g32808578.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g34892500.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g36650562.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g38733390.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g39292875.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g43259703.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g45776578.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g49748468.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g52385687.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g56224156.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g58865609.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g62826359.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g6374640.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g642468.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g65467640.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g6929703.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g69308343.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g71949656.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g75790500.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g78431750.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g83713234.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\WINDOWS\g9035593.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\HAXBNRGB\!update-4028[1].0000 -> Downloader.PurityScan.cu : Cleaned with backup (quarantined).
C:\WINDOWS\ѕecurity\iexplore.exe -> Downloader.PurityScan.cu : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\KZF4N8XX\mulbin32[1].exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\oins.exe -> Dropper.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.62:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.75:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.76:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.65:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temp\Cookies\larzz@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.63:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.64:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.66:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.67:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.68:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.69:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@ilead.itrack[1].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
:mozilla.97:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.33:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temp\Cookies\larzz@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Larzz\Application Data\Mozilla\Firefox\Profiles\gwuovonl.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Cookies\larzz@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ksyngxye.exe -> Trojan.Agent.ny : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\1KOQ8R0H\bgates[1].exe -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\1KOQ8R0H\srvnhq[1].exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\CZMLV7ZX\srvipe[1].exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\Documents and Settings\Larzz\Lokala inställningar\Temporary Internet Files\Content.IE5\CZMLV7ZX\srvxym[1].exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win36.tmp.exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win74.tmp.exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win76.tmp.exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
::Report end
Thanks for the help i have already goten and for the help i may get =)
/Larzz
Unsolved 
