I ran the things I was suppost to and I am still having some problems. Here is my scan logs with a vundo fix log. I dont have the panda scan because IE will freezes and it wont let me run the scan with fire fox.
Thanks
Phillip V
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 12:33:35 PM 1/24/2007
+ Scan result:
C:\Documents and Settings\ALL\My Documents\My Videos\Peer Impact\Setup.exe -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\AntivirusGolden.url -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06182006-125326.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06182006-161350.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06192006-123807.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06192006-124434.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06192006-133512.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06192006-133922.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06192006-231049.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06192006-231933.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06192006-232515.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06202006-082005.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06202006-142920.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06202006-155253.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06202006-162325.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06202006-162946.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06202006-163252.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\Logs\scan_log_06202006-163724.html -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\db.dat -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\generalConfig.xml -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\ignored.lst -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\monitorConfig.xml -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\scannerConfig.xml -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
C:\Program Files\AntivirusGolden\usageStats.xml -> Adware.AntiVirusGolden : Cleaned with backup (quarantined).
HKLM\SOFTWARE\YourSiteBar -> Adware.ISTBar : Error during cleaning.
HKLM\SOFTWARE\YourSiteBar\Historyfiles -> Adware.ISTBar : Error during cleaning.
HKLM\SOFTWARE\YourSiteBar\Historystring -> Adware.ISTBar : Error during cleaning.
C:\WINDOWS\SYSTEM32\alsawspi.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\hsbcsncy.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\thplkkoy.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\txnpioro.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\vfgxamlp.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\wejroqru.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\xolucghy.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.84:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.85:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.86:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.87:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.58:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.125:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.121:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.69:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.72:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.73:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.70:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.71:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.115:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.59:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.65:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.124:C:\Documents and Settings\ALL\Application Data\Mozilla\Firefox\Profiles\44ci5dgv.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
::Report end
UPERAntiSpyware Scan Log
Generated 01/24/2007 at 01:45 PM
Application Version : 3.5.1016
Core Rules Database Version : 3171
Trace Rules Database Version: 1181
Scan type : Custom Scan
Total Scan Time : 01:05:05
Memory items scanned : 467
Memory threats detected : 4
Registry items scanned : 5599
Registry threats detected : 209
File items scanned : 79276
File threats detected : 21
Trojan.Downloader-PATDUM
C:\WINDOWS\CURSORS\EKYOFNT.DLL
C:\WINDOWS\CURSORS\EKYOFNT.DLL
HKLM\Software\Classes\CLSID\{43AACA1E-47EA-4E3A-AAE2-5A310A3562F1}
HKCR\CLSID\{43AACA1E-47EA-4E3A-AAE2-5A310A3562F1}
HKCR\CLSID\{43AACA1E-47EA-4E3A-AAE2-5A310A3562F1}\InprocServer32
HKCR\CLSID\{43AACA1E-47EA-4E3A-AAE2-5A310A3562F1}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43AACA1E-47EA-4E3A-AAE2-5A310A3562F1}
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\ekyofnt
Trojan.Downloader-Quake11
C:\WINDOWS\SYSTEM32\OCJDINYF.DLL
C:\WINDOWS\SYSTEM32\OCJDINYF.DLL
Trojan.Virtumonde/Resident
C:\WINDOWS\SYSTEM32\KTKCUKKG.DLL
C:\WINDOWS\SYSTEM32\KTKCUKKG.DLL
Adware.MyWebSearch
C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE
C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE
[MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE
[MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSOEMON.EXE
C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSOEMON.EXE
Unclassified.Unknown Origin
HKCR\CLSID\{1DAEFCB9-06C8-47C6-8F20-3FB54B244DAA}
HKCR\CLSID\{1DAEFCB9-06C8-47C6-8F20-3FB54B244DAA}\InprocServer32
HKCR\CLSID\{1DAEFCB9-06C8-47C6-8F20-3FB54B244DAA}\InprocServer32#ThreadingModel
HKCR\CLSID\{7DA39570-5FD2-4F18-94B4-20730CB3F727}
HKCR\CLSID\{7DA39570-5FD2-4F18-94B4-20730CB3F727}\InprocServer32
HKCR\CLSID\{7DA39570-5FD2-4F18-94B4-20730CB3F727}\InprocServer32#ThreadingModel
Adware.MovieLand/MediaPipe
C:\Program Files\moviepass Terms.html
Adware.180solutions/Search Assistant
HKCR\LMgr180.WMDRMAx
HKCR\LMgr180.WMDRMAx\CLSID
HKCR\LMgr180.WMDRMAx\CurVer
HKCR\LMgr180.WMDRMAx.1
HKCR\LMgr180.WMDRMAx.1\CLSID
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid32
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib#Version
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib#Version
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid32
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib#Version
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll#{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll [ ]
Adware.180solutions/ZangoSearch
HKCR\ClientAX.ZangoClientAX
HKCR\ClientAX.ZangoClientAX\CLSID
HKCR\ClientAX.ZangoClientAX\CurVer
HKCR\ClientAX.ZangoClientAX.1
HKCR\ClientAX.ZangoClientAX.1\CLSID
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\Control
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\InprocServer32
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\InprocServer32#ThreadingModel
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\MiscStatus
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\MiscStatus\1
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\ProgID
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\Programmable
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\ToolboxBitmap32
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\TypeLib
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\Version
HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\VersionIndependentProgID
HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}
HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\InprocServer32
HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\InprocServer32#ThreadingModel
HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\ProgID
HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\Programmable
HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\TypeLib
HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\VersionIndependentProgID
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Control
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32#ThreadingModel
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus\1
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ProgID
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Programmable
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ToolboxBitmap32
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Version
HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\VersionIndependentProgID
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Control
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32#ThreadingModel
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus\1
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ProgID
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Programmable
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ToolboxBitmap32
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\TypeLib
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Version
HKCR\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\VersionIndependentProgID
HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0
HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0
HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32
HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS
HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0\win32
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\FLAGS
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\HELPDIR
HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}
HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\ProxyStubClsid
HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\ProxyStubClsid32
HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\TypeLib
HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\TypeLib#Version
HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}
HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\ProxyStubClsid
HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\ProxyStubClsid32
HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\TypeLib
HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\TypeLib#Version
HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}
HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\ProxyStubClsid
HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\ProxyStubClsid32
HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\TypeLib
HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\TypeLib#Version
HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}
HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\ProxyStubClsid
HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\ProxyStubClsid32
HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\TypeLib
HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\TypeLib#Version
HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}
HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\ProxyStubClsid
HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\ProxyStubClsid32
HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\TypeLib
HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\TypeLib#Version
Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID
Adware.IST/YourSiteBar
HKLM\Software\YourSiteBar
HKLM\Software\YourSiteBar#installTitle
HKLM\Software\YourSiteBar\Historyfiles
HKLM\Software\YourSiteBar\Historyfiles#C:\Program Files\YourSiteBar\yoursitebar.xml
HKLM\Software\YourSiteBar\Historyfiles#C:\Program Files\YourSiteBar\imagemap_normal.bmp
HKLM\Software\YourSiteBar\Historyfiles#C:\Program Files\YourSiteBar\imagemap_over.bmp
HKLM\Software\YourSiteBar\Historyfiles#C:\Program Files\YourSiteBar\version.txt
HKLM\Software\YourSiteBar\Historystring
Trojan.Security Toolbar
C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url
C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url
Adware.180solutions/Seekmo
HKCR\seekmohook.SABHO
HKCR\seekmohook.SABHO\CLSID
HKCR\seekmohook.SABHO\CurVer
HKCR\seekmohook.SABHO.1
HKCR\seekmohook.SABHO.1\CLSID
HKCR\SeekmoToolbar.SeekmoToolband
HKCR\SeekmoToolbar.SeekmoToolband\CLSID
HKCR\SeekmoToolbar.SeekmoToolband\CurVer
HKCR\SeekmoToolbar.SeekmoToolband.1
HKCR\SeekmoToolbar.SeekmoToolband.1\CLSID
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}#AppID
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}\InprocServer32
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}\InprocServer32#ThreadingModel
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}\ProgID
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}\Programmable
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}\TypeLib
HKCR\CLSID\{53E0B6E8-A51D-448B-B692-40B67B285543}\VersionIndependentProgID
HKCR\TypeLib\{B3A2ECDA-1487-4E7B-815E-D91E43AC79DC}
HKCR\TypeLib\{B3A2ECDA-1487-4E7B-815E-D91E43AC79DC}\1.0
HKCR\TypeLib\{B3A2ECDA-1487-4E7B-815E-D91E43AC79DC}\1.0\0
HKCR\TypeLib\{B3A2ECDA-1487-4E7B-815E-D91E43AC79DC}\1.0\0\win32
HKCR\TypeLib\{B3A2ECDA-1487-4E7B-815E-D91E43AC79DC}\1.0\FLAGS
HKCR\TypeLib\{B3A2ECDA-1487-4E7B-815E-D91E43AC79DC}\1.0\HELPDIR
HKCR\Interface\{AA06DE54-7B8A-4366-9209-D1FA2FD5E680}
HKCR\Interface\{AA06DE54-7B8A-4366-9209-D1FA2FD5E680}\ProxyStubClsid
HKCR\Interface\{AA06DE54-7B8A-4366-9209-D1FA2FD5E680}\ProxyStubClsid32
HKCR\Interface\{AA06DE54-7B8A-4366-9209-D1FA2FD5E680}\TypeLib
HKCR\Interface\{AA06DE54-7B8A-4366-9209-D1FA2FD5E680}\TypeLib#Version
HKCR\AppId\SeekmoTB.DLL
HKCR\AppId\SeekmoTB.DLL#AppID
HKCR\AppId\{21B8997E-251A-412C-A805-B0A4F791B03E}
HKU\S-1-5-21-2681504818-2928367816-3752255958-1011\Software\seekmo
HKLM\Software\seekmo
HKLM\Software\seekmo#umt
HKLM\Software\seekmo#duid
HKLM\Software\seekmo#partner_id
HKLM\Software\seekmo#product_id
HKLM\Software\seekmo#cvf
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmo#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmo#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmo#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Seekmo Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Seekmo Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Seekmo Toolbar#UninstallString
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{53E0B6E8-A51D-448B-B692-40B67B285543} [ Seekmo Toolbar ]
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Seekmo Customer Support.url
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Seekmo.com.url
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Uninstall Seekmo Instructions.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant
Adware.VSToolbar
HKCR\CLSID\{821F87FF-8245-4972-9E28-732E92EC2F51}
HKCR\CLSID\{821F87FF-8245-4972-9E28-732E92EC2F51}\InProcServer32
HKCR\CLSID\{821F87FF-8245-4972-9E28-732E92EC2F51}\InProcServer32#ThreadingModel
HKU\S-1-5-21-2681504818-2928367816-3752255958-1011\Software\Search Toolbar Corp
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{821F87FF-8245-4972-9E28-732E92EC2F51}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{821F87FF-8245-4972-9E28-732E92EC2F51}#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{821F87FF-8245-4972-9E28-732E92EC2F51}#UninstallString
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{821F87FF-8245-4972-9E28-732E92EC2F51}
C:\Documents and Settings\ALL\Application Data\SearchToolbarCorp\Toolbar Vision\PageHistory.txt
C:\Documents and Settings\ALL\Application Data\SearchToolbarCorp\Toolbar Vision\WebHistory.txt
C:\Documents and Settings\ALL\Application Data\SearchToolbarCorp\Toolbar Vision
C:\Documents and Settings\ALL\Application Data\SearchToolbarCorp
Trojan.Media-Codec
C:\DOCUMENTS AND SETTINGS\ALL\RECENT\X PASSWORD MANAGER.URL
Trojan.Downloader-SpyTool
C:\WINDOWS\SYSTEM32\CNKELVBY.DLL
C:\WINDOWS\SYSTEM32\RVCPBGTX.DLL
C:\WINDOWS\SYSTEM32\SAFBWCWA.DLL
undoFix V6.3.2
Checking Java version...
Java version is 1.4.2.3
Java version is 1.5.0.8
Scan started at 2:32:56 PM 1/24/2007
Listing files found while scanning....
C:\Program Files\VSAdd-in\VSAdd-in.dll
C:\WINDOWS\SYSTEM32\amekeoxf.exe
C:\WINDOWS\SYSTEM32\egyooqeo.exe
C:\WINDOWS\SYSTEM32\gxxbjuln.exe
C:\WINDOWS\SYSTEM32\pwkolerx.exe
C:\WINDOWS\SYSTEM32\yjpwjwtk.exe
Beginning removal...
Attempting to delete C:\WINDOWS\SYSTEM32\amekeoxf.exe
C:\WINDOWS\SYSTEM32\amekeoxf.exe Has been deleted!
Attempting to delete C:\WINDOWS\SYSTEM32\egyooqeo.exe
C:\WINDOWS\SYSTEM32\egyooqeo.exe Has been deleted!
Attempting to delete C:\WINDOWS\SYSTEM32\gxxbjuln.exe
C:\WINDOWS\SYSTEM32\gxxbjuln.exe Has been deleted!
Attempting to delete C:\WINDOWS\SYSTEM32\pwkolerx.exe
C:\WINDOWS\SYSTEM32\pwkolerx.exe Has been deleted!
Attempting to delete C:\WINDOWS\SYSTEM32\yjpwjwtk.exe
C:\WINDOWS\SYSTEM32\yjpwjwtk.exe Has been deleted!
Performing Repairs to the registry.
Done!
Logfile of HijackThis v1.99.1
Scan saved at 2:41:36 PM, on 1/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ALL\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearsh...ar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearsh...ar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead Memory Card Detector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [kgsystray] C:\Program Files\Kuma Games\kgsystray\Kuma_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZJxdm035KBUS
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...tup1.0.0.15.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfr..._instmodule.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.co...GameManager.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe