Got Smitfraud and Smitfraud-C.Keylogger, please help :)



Bumbijavel
2007-03-14, 17:05
Hello, I have managed to get the Smitfraud, and Spybot is not able to remove it. I have downloaded and launched HijackThis, and here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 16:36:27, on 2007-03-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\scvhost.exe
C:\Program\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program\Eset\nod32kui.exe
C:\Program\Java\jre1.5.0_11\bin\jusched.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Logitech\G-series Software\LGDCore.exe
C:\Program\Logitech\G-series Software\LCDMon.exe
C:\Program\HP\HP Software Update\HPWuSchd2.exe
C:\Program\Spybot - Search & Destroy\TeaTimer.exe
C:\Program\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program\DTemp\DTemp.exe
C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program\VideoLAN\VLC\vlc.exe
F:\utorrent.exe
C:\Program files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [icq lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [icq lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [] C:\WINDOWS\scvhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Genväg till DTemp.lnk = C:\Program\DTemp\DTemp.exe
O4 - Startup: NetMeter.lnk = C:\Program\NetMeter\NetMeter.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Snabbstart.lnk = C:\Program\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe


Any help is appreciated, the faster the better :)
Thanks in advance!

pskelley
2007-03-14, 17:38
Welcome to the forum, you have a nasty infection here, see this:
http://www.liutilities.com/products/wintaskspro/processlibrary/scvhost/

I need to give you this information:
A Backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to be used by the attacker for malicious purposes unknown to the user.
One or more of the identified infections is a backdoor trojan.
This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.
I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the Trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall
http://www.dslreports.com/faq/10063

Please let us know what you have decided to do in your next post.

Thanks
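
The entry this reply singles out, scvhost.exe, appears in the posted log as one image in C:\WINDOWS registered under many Run/RunOnce value names (one of them blank), with a file name one transposition away from svchost.exe. The Python below is an added example, not part of the original thread or of HijackThis, that flags those three traits in O4 registry lines; the system-image list, the thresholds and the function names are assumptions.

```python
import ntpath
import re
from collections import defaultdict

# Lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe
"""

# Assumption: a short reference list of Windows XP system images and the
# folder each normally lives in. Extend it for real use.
SYSTEM_IMAGES = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "smss.exe": r"c:\windows\system32",
    "spoolsv.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
MAX_DIST = 1          # assumed: one typo or swapped letter pair counts as a lookalike
ALIAS_THRESHOLD = 3   # assumed: one image under 3+ value names is unusual

O4_REG_RE = re.compile(r'^O4 - (HK[A-Z]+)\\\.\.\\([^:]+): \[([^\]]*)\] (.+)$')
IMAGE_RE = re.compile(r'^(?:"([^"]+)"|(.+?\.(?:exe|com|scr|bat))(?=\s|$))', re.I)


def osa_distance(a, b):
    """Edit distance that also counts an adjacent transposition as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def extract_image(command):
    """Return the executable part of an autorun command line."""
    m = IMAGE_RE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else command.split()[0]


def parse_o4(log_text):
    """Parse registry-based O4 lines (Startup-folder O4 lines are skipped)."""
    entries = []
    for line in log_text.splitlines():
        m = O4_REG_RE.match(line.strip())
        if m:
            hive, key, name, command = m.groups()
            entries.append({"hive": hive, "key": key, "name": name,
                            "image": extract_image(command)})
    return entries


def triage(log_text):
    """Map each suspicious image (lower-cased) to a sorted list of reasons."""
    entries = parse_o4(log_text)
    names_by_image = defaultdict(set)
    for e in entries:
        names_by_image[e["image"].lower()].add(e["name"])
    findings = defaultdict(set)
    for e in entries:
        img = e["image"].lower()
        base, folder = ntpath.basename(img), ntpath.dirname(img)
        if e["name"] == "":
            findings[img].add("blank-value-name")
        for sysname, home in SYSTEM_IMAGES.items():
            d = osa_distance(base, sysname)
            if d == 0 and folder and folder != home:
                findings[img].add("system-name-wrong-dir:" + sysname)
            elif 0 < d <= MAX_DIST:
                findings[img].add("lookalike:" + sysname)
        if len(names_by_image[img]) >= ALIAS_THRESHOLD:
            findings[img].add("many-aliases")
    return {img: sorted(reasons) for img, reasons in findings.items()}


if __name__ == "__main__":
    for image, reasons in triage(SAMPLE_LOG).items():
        print(image, reasons)
```

A hit is a lead for manual review, not a verdict: legitimate software can also sit near a system name or register more than one autorun value.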

Bumbijavel
2007-03-14, 18:00
Thanks for the extremely fast response, and sadly for bringing bad news :/

I would think reformatting the computer is a good idea then, but I have some questions first.
I see in Sunbelt Kerio Personal Firewall that I have permanently blocked all connections to the program scvhost.exe, can I feel secure then?
I have also planned to buy a new computer at the end of this month, but if a reformat for the computer is needed would it be a good idea to just buy the computer now?

Thanks again!

pskelley
2007-03-14, 19:40
You know, when I google that worm, I get a lot of different possibles, but there is little doubt it is a backdoor trojan, which is why I decided to give you the information so you could protect yourself. There is also a good chance I can help you remove the worm. There are a couple of things I can not do. One is to guarantee the safety and security of the computer and the other is to tell you that you can feel secure if you block it with Sunbelt Kerio Personal Firewall. You would have to address that question to them:
http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Firewall/Support/

It would also be a moot point for me to address the other question, that is a decision you have to make.

Thanks

Bumbijavel
2007-03-14, 20:29
I will gladly do anything to at least try getting this worm out of the system, as I feel the computer will not be much use for me when having this evil thing in it :)

pskelley
2007-03-14, 20:55
Follow these directions carefully:

Thanks to andymanchesta and anyone else who helped with the fix.

1) Download SDFix and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

Thanks

Bumbijavel
2007-03-14, 22:42
It seems I am unable to enter Fail-safe mode, I have tried hammering, holding, pressing the F8 button slowly, fast, and in all other ways I could come up with during the whole booting process, but it didn't happen.
I guessed it could be because I have a USB-connected keyboard, so I tried looking for my old one, but I couldn't find it.
But before the screen where I am supposed to press F8, I am actually able to press delete and enter the BIOS-settings screen, but "load fail-safe defaults" in that window seems to do nothing except disabling internet-connections.

Is there any way to somehow "Restart computer in Fail-safe mode" when I have entered Windows?
As it has become night here, I will not be able to respond further until tomorrow, and until we hear again I will try looking some more for a non-USB keyboard.

Thanks for all the help so far!

pskelley
2007-03-14, 22:43
http://www.google.com/search?hl=en&q=how+to+start+in+safe+mode&btnG=Google+Search

Bumbijavel
2007-03-14, 22:51
I can actually post an update on this right away, I forced myself into the window where I can choose to start in Fail-safe, but the keyboard didn't respond.
I assume that the only solution for this is using the mentioned non-USB keyboard. I will hunt for that tomorrow some more then, and make sure to get my hands on one, in one way or another.

pskelley
2007-03-15, 12:52
OK, keep me posted, even though the fix is not going to work as well, if at all? You can try to run it in normal mode if need be. You have a load of the junk and we will have to clean what the fix does not manually, but I am willing to do what I can. That is if you still consider cleaning the junk a viable solution.

Thanks

Bumbijavel
2007-03-15, 15:42
I managed to borrow an old PS/2 keyboard, which allowed me to start in failsafe mode.

Here is the Report.txt-log:


SDFix: Version 1.72

Run by Anders - 2007-03-15 / 15:30:40,37

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:






Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\offlog.txt - Deleted
C:\WINDOWS\scvhost.exe - Deleted



ADS Check:

C:\WINDOWS\system32
No streams found.


Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Anders\\Skrivbord\\utorrent.exe"="C:\\Documents and Settings\\Anders\\Skrivbord\\utorrent.exe:*:Enabled:µTorrent"
"F:\\utorrent.exe"="F:\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program\\Messenger\\msmsgs.exe"="C:\\Program\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program\\MSN Messenger\\msnmsgr.exe"="C:\\Program\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program\\MSN Messenger\\msncall.exe"="C:\\Program\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"F:\\Electronic Arts\\Battlefield 2142 Demo\\BF2142.exe"="F:\\Electronic Arts\\Battlefield 2142 Demo\\BF2142.exe:*:Enabled:Battlefield 2"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\WINDOWS\\scvhost.exe"="C:\\WINDOWS\\scvhost.exe:*:Enabled:Microsoft Windows"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program\\MSN Messenger\\msnmsgr.exe"="C:\\Program\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program\\MSN Messenger\\msncall.exe"="C:\\Program\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes :

C:\Program\Miranda IM\Received Files\apolonioazul@hotmail.com\Thumbs.db
C:\Program\Miranda IM\Received Files\grizor20@hotmail.com\Thumbs.db
C:\Program\Miranda IM\Received Files\marcovanduinen@gmail.com\Thumbs.db
C:\Program\Miranda IM\Received Files\varmlandskille1@hotmail.com\Thumbs.db
C:\Documents and Settings\Anders\Lokala inställningar\Temp\BITDA0.tmp

Finished

and HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 15:41:22, on 2007-03-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program\Eset\nod32kui.exe
C:\Program\Java\jre1.5.0_11\bin\jusched.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Logitech\G-series Software\LGDCore.exe
C:\Program\Logitech\G-series Software\LCDMon.exe
C:\Program\HP\HP Software Update\HPWuSchd2.exe
C:\Program\Spybot - Search & Destroy\TeaTimer.exe
C:\Program\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program\DTemp\DTemp.exe
C:\Program\NetMeter\NetMeter.exe
C:\Program\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Genväg till DTemp.lnk = C:\Program\DTemp\DTemp.exe
O4 - Startup: NetMeter.lnk = C:\Program\NetMeter\NetMeter.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Snabbstart.lnk = C:\Program\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe


Thank you so much for all the help so far!
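
In the SDFix report above, C:\WINDOWS\scvhost.exe is listed as deleted, yet the Authorized Application Key Export still shows an enabled Windows Firewall exception for it, labelled "Microsoft Windows". The Python below is an added example, not part of the thread or of SDFix, that cross-checks the two parts of such a report to list exceptions left behind for removed files; the function names are assumptions and the sample is an excerpt of the posted report.

```python
import re

# Excerpt of the SDFix Report.txt posted in this thread (lines copied from it).
SAMPLE_REPORT = r'''
C:\WINDOWS\offlog.txt - Deleted
C:\WINDOWS\scvhost.exe - Deleted

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program\\Messenger\\msmsgs.exe"="C:\\Program\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\scvhost.exe"="C:\\WINDOWS\\scvhost.exe:*:Enabled:Microsoft Windows"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\\Program\\MSN Messenger\\msnmsgr.exe"="C:\\Program\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
'''

DELETED_RE = re.compile(r'^(.+?) - Deleted$')
SECTION_RE = re.compile(
    r'^\[HKEY_LOCAL_MACHINE\\.+\\FirewallPolicy\\(\w+)\\AuthorizedApplications\\List\]$')
ENTRY_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# Value data layout: <path>:<scope>:<Enabled|Disabled>:<display name>
DATA_RE = re.compile(r'^(.*?):([^:]*):(enabled|disabled):(.*)$', re.I)


def unescape(reg_string):
    """Undo .reg export escaping (\\\\ -> \\, \\" -> ")."""
    return re.sub(r'\\(.)', r'\1', reg_string)


def parse_report(text):
    """Return (set of deleted paths, list of firewall exception dicts)."""
    deleted, rules, profile = set(), [], None
    for line in text.splitlines():
        line = line.strip()
        m = DELETED_RE.match(line)
        if m:
            deleted.add(m.group(1).lower())
            continue
        m = SECTION_RE.match(line)
        if m:
            profile = m.group(1)
            continue
        if line.startswith("["):
            profile = None  # some other registry key: ignore its values
            continue
        m = ENTRY_RE.match(line)
        if m and profile:
            d = DATA_RE.match(unescape(m.group(2)))
            if d:
                rules.append({
                    "profile": profile,
                    "path": d.group(1),
                    "scope": d.group(2),
                    "enabled": d.group(3).lower() == "enabled",
                    "label": d.group(4),
                })
    return deleted, rules


def stale_exceptions(text):
    """Enabled exceptions whose target file the same report says was deleted."""
    deleted, rules = parse_report(text)
    return [(r["profile"], r["path"], r["label"])
            for r in rules
            if r["enabled"] and r["path"].lower() in deleted]


if __name__ == "__main__":
    for profile, path, label in stale_exceptions(SAMPLE_REPORT):
        print(f"{profile}: exception for removed file {path} (label: {label!r})")
```

Paths are compared as written, so an entry that uses %windir% is not matched against a deleted path spelled with C:\WINDOWS.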

pskelley
2007-03-15, 19:54
Good that you got to safe mode, I need to mention some advice from the creator of the fix. He assures me this is a very nasty keylogger you had.

The infection they had is a keylogger so it's a nasty one if they do any online banking or have paid for goods online, the offlog.txt contains the keylogging data but it's probably getting reset every time it gets sent out, I don't need the backups for that one with it having stolen data in it, it's best if they just delete the backups folder, that infection can also take screenshots so it's not a nice one to have on the PC.
Please follow the directions carefully and in the numbered order.

C:\Program\NetMeter\NetMeter.exe >>> see this information:
http://www.castlecops.com/startuplist-2440.html
http://www.bleepingcomputer.com/startups/NetMeter.exe-3644.html

1) How to make files and folders visible:
Click Start > Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm. Click OK.
You may reverse this for safety when we are finished.

2) Please download ATF Cleaner by Atribune
http://www.atribune.org/content/view/25/2/
Save it to your Desktop. We will use this later.

3) Start > Control Panel > Add Remove Programs and uninstall NetMeter

4) TeaTimer will block the changes we must make. Use the instruction in this link and turn it off until you are done:
http://russelltexas.com/malware/teatimer.htm

5) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

(first two are not bad, but are damaged and not working. If you use them download them again when we finish)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - Startup: NetMeter.lnk = C:\Program\NetMeter\NetMeter.exe

Close all programs but HJT and all browser windows, then click on "Fix Checked"

6) RIGHT Click on Start then click on Explore. Locate and delete these items:

C:\Program\NetMeter\ <<< delete that folder

Since this was a bad infection, I would like to run two programs, one to check for hidden malware and one to check for rootkits. Both are from the same folks so careful not to confuse them.

7) Follow the instructions in this link, delete or at least quarantine anything found. Save the scan report to post.
http://forums.security-central.us/showthread.php?t=3165

8) Click here to download AVG Anti Rootkit and save it to your desktop.
http://beta.grisoft.cz/beta/betarep.files/antirootkit/AVG_AntiRootkit_1.0.0.13.exe
Double-click on the AVG_AntiRootkit_1.0.0.13.exe file to run it.
Click "I Agree" to agree to the EULA.
By default it will install to "G:\Program Files\GRISOFT\AVG Anti-Rootkit Beta".
Click "Next" to begin the installation then click "Install".
It will then ask you to reboot now to finish the installation.
Click "Finish" and your computer will reboot.
After it reboots, double-click on the AVG Anti-Rootkit Beta shortcut that is now on your desktop.
Click on the "Perform in-depth search" button to begin the scan.
The scan will take a while so be patient and let it complete.
When the scan is finished, click the "Save result to file" button.
Save the scan results to your desktop then come back here to copy and paste the results in your next reply to this thread.

9) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.

Post the results of the AVG Anti-Spyware scan, the results of the Anti-Rootkit scan, a new HJT log and let me know how the computer is running.

Thanks

Bumbijavel
2007-03-15, 22:45
I encountered some problems with the Anti-rootkit program. When I scanned the first disks (C:\ and D:\) nothing was found, but when I scanned E:\ I got a huge list of objects (850 of them), and I was told they were hidden. But this comes from the fact that the harddisk got overheated or something along those lines, and all the files in a certain directory got corrupted in some way, as explorer.exe freezes whenever I enter that directory, and I have also tried before to delete the contents, and some other means of getting it fixed, but nothing worked.
So basically I got a huge list of objects that I can't do anything about, and the Anti-root program got stuck trying to scan a certain folder (I had the program running for 10 minutes and nothing happened).
So I couldn't scan the entire computer, but I will paste parts of the log anyway so you can see what it basically looks like.

But first the other AVG-program:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 22:07:34 2007-03-15

+ Scan result:



E:\SPEL\Rockstar Games\GTA San Andreas\GTA San Andreas\hlm-intro.exe -> Backdoor.Hupigon.kg : Cleaned.
C:\SDFix\backups\backups.zip/backups/scvhost.exe -> Backdoor.VB.ayx : Cleaned.
C:\System Volume Information\_restore{465D7D6E-619D-4A3B-BA81-302B7BCB6FD2}\RP211\A0055492.exe -> Backdoor.VB.ayx : Cleaned.
C:\System Volume Information\_restore{465D7D6E-619D-4A3B-BA81-302B7BCB6FD2}\RP211\A0055499.exe -> Backdoor.VB.ayx : Cleaned.
F:\System Volume Information\_restore{465D7D6E-619D-4A3B-BA81-302B7BCB6FD2}\RP209\A0054896.exe -> Backdoor.VB.ayx : Cleaned.
:mozilla.195:C:\Documents and Settings\Resten\Application Data\Mozilla\Firefox\Profiles\pgy6l39y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.196:C:\Documents and Settings\Resten\Application Data\Mozilla\Firefox\Profiles\pgy6l39y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.197:C:\Documents and Settings\Resten\Application Data\Mozilla\Firefox\Profiles\pgy6l39y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

Bumbijavel
2007-03-15, 22:45
C:\Program\Eset\crack_reg.exe -> Trojan.Regpat.a : Cleaned.
F:\Mina Dokument\NOD\NOD32.rar/crack.zip/crack_reg.exe -> Trojan.Regpat.a : Cleaned.
F:\Mina Dokument\NOD\NOD32\crack.zip/crack_reg.exe -> Trojan.Regpat.a : Cleaned.
F:\NOD32.rar/crack.zip/crack_reg.exe -> Trojan.Regpat.a : Cleaned.


::Report end

Bumbijavel
2007-03-15, 22:47
From AVGAnti-rootkit: (Not in its entirety, the full log is 71739 characters)

e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Easy.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Faraway.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\FIG_Again.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\FIG_Message_1.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Going_On.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Halloween_IV_part_2.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Ice-cold_part_1.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Ice-cold_part_2.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Ice-cold_part_3.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Jimmy.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Last_In_Line.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Nitro.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Paranoia.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Popcorn.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Rocks_Song.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Small_Song.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Starfire.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rock\Vertigo.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited,Hidden directory
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\1984-F.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Beg_Your_Pardon.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Boston.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Ein_Fall_fuer_2.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Equinoxe_Qui_Cera_Blizzard.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Hurling_Frootmig.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Ikarus.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Jabba_Mix.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Magnetic_Dreams_Issue_03.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Muellermilch.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Music_Compo.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Nightdawn_Score-Tune.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Nightflight.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Rock-Monty.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Rock-Monty_PSID.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Slartibartfas.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Sunday_Night.sid,Hidden file
e:\Dc++ share\Musik\Bra musik\C64Music\Rockin_Limited\Synthiworld.sid,Hidden file

Bumbijavel
2007-03-15, 22:50
Logfile of HijackThis v1.99.1
Scan saved at 22:30:14, on 2007-03-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program\Eset\nod32kui.exe
C:\Program\Java\jre1.5.0_11\bin\jusched.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Logitech\G-series Software\LGDCore.exe
C:\Program\Logitech\G-series Software\LCDMon.exe
C:\Program\HP\HP Software Update\HPWuSchd2.exe
C:\Program\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program\DTemp\DTemp.exe
C:\Program\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program\Miranda IM\miranda32.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Winamp\winamp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\Microsoft Office\Office10\WINWORD.EXE
C:\Program files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Startup: Genväg till DTemp.lnk = C:\Program\DTemp\DTemp.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Snabbstart.lnk = C:\Program\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe



Sorry for the amount of text in the previous posts, but I felt it would be better to have you get a general idea of what messages I get. It has turned to night here again, and I will be unable to respond for a while.

It does seem as if the computer is running faster, but it may just be my imagination.

Thanks again :heart:.

pskelley
2007-03-24, 16:26
I must apologize, I may be trying to help too many folks at once. The notification I am supposed to receive when you post, I did not get. If you have not resolved this issue, please post a new HJT log and describe the situation to the best of your ability, making sure to include any error messages you are receiving "word for word" and we will work from there.

Thanks...Phil

tashi
2007-04-01, 02:38
This topic has been closed to prevent others with similar issues posting in it.

If you need it re-opened, please send me a private message (pm) and provide a link to the thread. This applies only to the original poster; anyone else with similar problems, please start a new topic.