I fixing my friends computer and she had the Privacy_Danger image on the desktop as well as popups. I followed the Malware removal instructions on your website and it seems that everything is working again but can someone please review the logs.
Thank you
BitDefender Log
BitDefender Online Scanner - Real Time Virus Report
Generated at: Wed, Aug 29, 2007 - 17:49:15
--------------------------------------------------------------------------------
Scan Info
Scanned Files
360238
Infected Files
10
Virus Detected
Exploit.Win32.WMF-PFV
2
Generic.Sdbot.57870A27
2
Trojan.Bat.Killav.CR
4
Trojan.Downloader.Adload.BK
2
--------------------------------------------------------------------------------
This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
SuperAntiSpyware Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/29/2007 at 07:04 PM
Application Version : 3.9.1008
Core Rules Database Version : 3295
Trace Rules Database Version: 1305
Scan type : Complete Scan
Total Scan Time : 00:56:30
Memory items scanned : 608
Memory threats detected : 0
Registry items scanned : 6641
Registry threats detected : 0
File items scanned : 52656
File threats detected : 67
Adware.Tracking Cookie
C:\Documents and Settings\Marssia\Cookies\marssia@2o7[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@a.websponsors[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ad.103092804[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ad.adnetinteractive[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ad.iconadserver[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ad.xplusone[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ad.yieldmanager[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@adbrite[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@adopt.euroclick[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@adopt.specificclick[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@adrevolver[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ads.adbrite[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ads.addynamix[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ads.pointroll[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ads.realtechnetwork[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ads.revsci[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@adserving.cpxinteractive[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@advertising[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@anad.tacoda[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@anat.tacoda[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ar.atwola[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@atdmt[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@atwola[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@azjmp[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@bluestreak[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@bs.serving-sys[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@burstnet[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@casalemedia[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@coolsavings[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@cpvfeed[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@doubleclick[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@edge.ru4[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@ehg-davidsbridal.hitbox[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@fastclick[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@freecodesource.advertserve[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@hitbox[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@interclick[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@media.adrevolver[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@media.adrevolver[3].txt
C:\Documents and Settings\Marssia\Cookies\marssia@mediaplex[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@overture[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@precisionclick[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@pro-market[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@questionmarket[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@realmedia[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@reduxads.valuead[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@revsci[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@sales.liveperson[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@sales.liveperson[3].txt
C:\Documents and Settings\Marssia\Cookies\marssia@serving-sys[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@specificclick[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@statcounter[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@statse.webtrendslive[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@tacoda[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@tradedoubler[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@trafficmp[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@tremor.adbureau[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@tribalfusion[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@www.burstbeacon[1].txt
C:\Documents and Settings\Marssia\Cookies\marssia@www.burstnet[2].txt
C:\Documents and Settings\Marssia\Cookies\marssia@zedo[2].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.cnn[1].txt
C:\Documents and Settings\Owner\Cookies\owner@adserving.autotrader[2].txt
C:\Documents and Settings\Wendy\Cookies\wendy@adinterax[1].txt
C:\Documents and Settings\Wendy\Cookies\wendy@atdmt[2].txt
C:\Documents and Settings\Wendy\Cookies\wendy@doubleclick[1].txt
Trojan.Net-MSV/VPS-G
C:\SYSTEM VOLUME INFORMATION\_RESTORE{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP711\A0183782.DLL
AVG Antispyware Log---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 9:56:05 PM 8/29/2007
+ Scan result:
C:\Documents and Settings\Marssia\Local Settings\Temporary Internet Files\Content.IE5\CTXSPT8K\weiydgwoiwu[1].htm -> Dropper.Small.j : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT009045 -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT009108.TXT -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\NPROTECT009055 -> TrackingCookie.Adbrite : Cleaned.
C:\RECYCLER\NPROTECT009071 -> TrackingCookie.Adbrite : Cleaned.
C:\RECYCLER\NPROTECT009115.TXT -> TrackingCookie.Adbrite : Cleaned.
C:\RECYCLER\NPROTECT009119.TXT -> TrackingCookie.Adbrite : Cleaned.
C:\RECYCLER\NPROTECT009056 -> TrackingCookie.Addynamix : Cleaned.
C:\RECYCLER\NPROTECT009120.TXT -> TrackingCookie.Addynamix : Cleaned.
C:\RECYCLER\NPROTECT009066 -> TrackingCookie.Adrevolver : Cleaned.
C:\RECYCLER\NPROTECT009105 -> TrackingCookie.Adrevolver : Cleaned.
C:\RECYCLER\NPROTECT009118.TXT -> TrackingCookie.Adrevolver : Cleaned.
C:\RECYCLER\NPROTECT009145.TXT -> TrackingCookie.Adrevolver : Cleaned.
C:\RECYCLER\NPROTECT009078 -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT009125.TXT -> TrackingCookie.Advertising : Cleaned.
C:\RECYCLER\NPROTECT009086 -> TrackingCookie.Atdmt : Cleaned.
C:\RECYCLER\NPROTECT009094 -> TrackingCookie.Atdmt : Cleaned.
C:\RECYCLER\NPROTECT009129.TXT -> TrackingCookie.Atdmt : Cleaned.
C:\RECYCLER\NPROTECT009170.TXT -> TrackingCookie.Atdmt : Cleaned.
C:\RECYCLER\NPROTECT009087 -> TrackingCookie.Bluestreak : Cleaned.
C:\RECYCLER\NPROTECT009132.TXT -> TrackingCookie.Bluestreak : Cleaned.
C:\RECYCLER\NPROTECT009073 -> TrackingCookie.Burstbeacon : Cleaned.
C:\RECYCLER\NPROTECT009166.TXT -> TrackingCookie.Burstbeacon : Cleaned.
C:\RECYCLER\NPROTECT009075 -> TrackingCookie.Burstnet : Cleaned.
C:\RECYCLER\NPROTECT009088 -> TrackingCookie.Burstnet : Cleaned.
C:\RECYCLER\NPROTECT009134.TXT -> TrackingCookie.Burstnet : Cleaned.
C:\RECYCLER\NPROTECT009167.TXT -> TrackingCookie.Burstnet : Cleaned.
C:\RECYCLER\NPROTECT009059 -> TrackingCookie.Casalemedia : Cleaned.
C:\RECYCLER\NPROTECT009135.TXT -> TrackingCookie.Casalemedia : Cleaned.
C:\RECYCLER\NPROTECT009072 -> TrackingCookie.Cnn : Cleaned.
C:\RECYCLER\NPROTECT009082 -> TrackingCookie.Cpvfeed : Cleaned.
C:\RECYCLER\NPROTECT009137.TXT -> TrackingCookie.Cpvfeed : Cleaned.
C:\RECYCLER\NPROTECT009048 -> TrackingCookie.Doubleclick : Cleaned.
C:\RECYCLER\NPROTECT009093 -> TrackingCookie.Doubleclick : Cleaned.
C:\RECYCLER\NPROTECT009138.TXT -> TrackingCookie.Doubleclick : Cleaned.
C:\RECYCLER\NPROTECT009171.TXT -> TrackingCookie.Doubleclick : Cleaned.
C:\RECYCLER\NPROTECT009044 -> TrackingCookie.Euroclick : Cleaned.
C:\RECYCLER\NPROTECT009116.TXT -> TrackingCookie.Euroclick : Cleaned.
C:\RECYCLER\NPROTECT009095 -> TrackingCookie.Fastclick : Cleaned.
C:\RECYCLER\NPROTECT009141.TXT -> TrackingCookie.Fastclick : Cleaned.
C:\RECYCLER\NPROTECT009042 -> TrackingCookie.Hitbox : Cleaned.
C:\RECYCLER\NPROTECT009068 -> TrackingCookie.Hitbox : Cleaned.
C:\RECYCLER\NPROTECT009140.TXT -> TrackingCookie.Hitbox : Cleaned.
C:\RECYCLER\NPROTECT009143.TXT -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Wendy\Cookies\wendy@search.live[2].txt -> TrackingCookie.Live : Cleaned.
C:\RECYCLER\NPROTECT009085 -> TrackingCookie.Liveperson : Cleaned.
C:\RECYCLER\NPROTECT009155.TXT -> TrackingCookie.Liveperson : Cleaned.
C:\RECYCLER\NPROTECT009099 -> TrackingCookie.Mediaplex : Cleaned.
C:\RECYCLER\NPROTECT009147.TXT -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Marssia\Cookies\marssia@search.msn[3].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Danny\Cookies\danny@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\RECYCLER\NPROTECT006268.TXT -> TrackingCookie.Netflame : Cleaned.
C:\RECYCLER\NPROTECT006275.TXT -> TrackingCookie.Netflame : Cleaned.
C:\RECYCLER\NPROTECT009083 -> TrackingCookie.Overture : Cleaned.
C:\RECYCLER\NPROTECT009148.TXT -> TrackingCookie.Overture : Cleaned.
C:\RECYCLER\NPROTECT009041 -> TrackingCookie.Pointroll : Cleaned.
C:\RECYCLER\NPROTECT009121.TXT -> TrackingCookie.Pointroll : Cleaned.
C:\RECYCLER\NPROTECT009076 -> TrackingCookie.Pro-market : Cleaned.
C:\RECYCLER\NPROTECT009150.TXT -> TrackingCookie.Pro-market : Cleaned.
C:\RECYCLER\NPROTECT009065 -> TrackingCookie.Questionmarket : Cleaned.
C:\RECYCLER\NPROTECT009151.TXT -> TrackingCookie.Questionmarket : Cleaned.
C:\RECYCLER\NPROTECT009091 -> TrackingCookie.Realmedia : Cleaned.
C:\RECYCLER\NPROTECT009152.TXT -> TrackingCookie.Realmedia : Cleaned.
C:\RECYCLER\NPROTECT009053 -> TrackingCookie.Revsci : Cleaned.
C:\RECYCLER\NPROTECT009154.TXT -> TrackingCookie.Revsci : Cleaned.
C:\RECYCLER\NPROTECT009097 -> TrackingCookie.Ru4 : Cleaned.
C:\RECYCLER\NPROTECT009139.TXT -> TrackingCookie.Ru4 : Cleaned.
C:\RECYCLER\NPROTECT009050 -> TrackingCookie.Serving-sys : Cleaned.
C:\RECYCLER\NPROTECT009061 -> TrackingCookie.Serving-sys : Cleaned.
C:\RECYCLER\NPROTECT009133.TXT -> TrackingCookie.Serving-sys : Cleaned.
C:\RECYCLER\NPROTECT009157.TXT -> TrackingCookie.Serving-sys : Cleaned.
C:\RECYCLER\NPROTECT009079 -> TrackingCookie.Specificclick : Cleaned.
C:\RECYCLER\NPROTECT009098 -> TrackingCookie.Specificclick : Cleaned.
C:\RECYCLER\NPROTECT009117.TXT -> TrackingCookie.Specificclick : Cleaned.
C:\RECYCLER\NPROTECT009158.TXT -> TrackingCookie.Specificclick : Cleaned.
C:\RECYCLER\NPROTECT009080 -> TrackingCookie.Statcounter : Cleaned.
C:\RECYCLER\NPROTECT009159.TXT -> TrackingCookie.Statcounter : Cleaned.
C:\RECYCLER\NPROTECT009058 -> TrackingCookie.Tacoda : Cleaned.
C:\RECYCLER\NPROTECT009090 -> TrackingCookie.Tacoda : Cleaned.
C:\RECYCLER\NPROTECT009096 -> TrackingCookie.Tacoda : Cleaned.
C:\RECYCLER\NPROTECT009126.TXT -> TrackingCookie.Tacoda : Cleaned.
C:\RECYCLER\NPROTECT009127.TXT -> TrackingCookie.Tacoda : Cleaned.
C:\RECYCLER\NPROTECT009161.TXT -> TrackingCookie.Tacoda : Cleaned.
C:\RECYCLER\NPROTECT009102 -> TrackingCookie.Tradedoubler : Cleaned.
C:\RECYCLER\NPROTECT009162.TXT -> TrackingCookie.Tradedoubler : Cleaned.
C:\RECYCLER\NPROTECT009070 -> TrackingCookie.Trafficmp : Cleaned.
C:\RECYCLER\NPROTECT009163.TXT -> TrackingCookie.Trafficmp : Cleaned.
C:\RECYCLER\NPROTECT009043 -> TrackingCookie.Tribalfusion : Cleaned.
C:\RECYCLER\NPROTECT009165.TXT -> TrackingCookie.Tribalfusion : Cleaned.
C:\RECYCLER\NPROTECT009104 -> TrackingCookie.Valuead : Cleaned.
C:\RECYCLER\NPROTECT009153.TXT -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Wendy\Cookies\wendy@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\RECYCLER\NPROTECT009092 -> TrackingCookie.Webtrendslive : Cleaned.
C:\RECYCLER\NPROTECT009160.TXT -> TrackingCookie.Webtrendslive : Cleaned.
C:\RECYCLER\NPROTECT009069 -> TrackingCookie.Yieldmanager : Cleaned.
C:\RECYCLER\NPROTECT009114.TXT -> TrackingCookie.Yieldmanager : Cleaned.
C:\RECYCLER\NPROTECT009103 -> TrackingCookie.Zedo : Cleaned.
C:\RECYCLER\NPROTECT009168.TXT -> TrackingCookie.Zedo : Cleaned.
::Report end
HiJack This Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:53 PM, on 8/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINNT\system32\LxrJD31s.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINNT\system32\slserv.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1150492787\ee\AOLSoftware.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Documents and Settings\Danny\Local Settings\Temp\Toolkit.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\My Programs\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Danny\Desktop\Analyze.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1150492787\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [ToolKit] "C:\Program Files\SeagateToolkit\Toolkit.exe" -L -S /silent
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\My Programs\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.worldnet.att.net
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150220060187
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINNT\SYSTEM32\LxrJD31s.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 11500 bytes