Logfile of HijackThis v1.99.1
Scan saved at 5:26:04 PM, on 7/27/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
E:\WINDOWS\System32\installer.exe
E:\WINDOWS\system32\drivers\KodakCCS.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\MsPMSPSv.exe
E:\Program Files\BroadJump\Client Foundation\CFD.exe
E:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
E:\Program Files\Synaptics\SynTP\SynTPLpr.exe
E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
E:\WINDOWS\system32\atiptaxx.exe
E:\PROGRA~1\NORTON~1\navapw32.exe
E:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
E:\WINDOWS\system32\WLANSTA.EXE
E:\Program Files\AutoUpdate\AutoUpdate.exe
E:\WINDOWS\System32\iexplore.exe
E:\Program Files\Common Files\XCPCSync\Translators\LtNts4\NtsAgent.exe
E:\WINDOWS\System32\cdral897.exe
E:\Program Files\Scansoft\PaperPort\pptd40nt.exe
E:\WINDOWS\system32\atipuixx.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Documents and Settings\Kimberly Williams\Application Data\eetu.exe
E:\WINDOWS\system32\n.exe
E:\Program Files\palmOne\HOTSYNC.EXE
E:\WINDOWS\explorer.exe
E:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
E:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
E:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\WINDOWS\System32\WmrTIA2.exe
E:\WINDOWS\System32\KwgNbTS.exe
e:\windows\system32\hjvnxir.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\WINDOWS\.exe
E:\Documents and Settings\Kimberly Williams\My Documents\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://websearch.sho...81515748&id=7.0
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://websearch.sho...81515748&id=7.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://websearch.sho...81515748&id=7.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://websearch.sho...81515748&id=7.0
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
websearch.shopnav.com/q.cgi?q=
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe E:\WINDOWS\Nail.exe
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: Band Class - {00027925-0017-4faf-9539-90E4AC0B9EC5} - E:\WINDOWS\eltt.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - E:\WINDOWS\systb.dll (file
missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1989657F-E718-6CF1-D353-6C550ED67B4F} -
E:\WINDOWS\System32\ngtlitu.dll (file missing)
O2 - BHO: (no name) - {232B0C0D-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {232B0E08-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {232B0E09-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {232E0908-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {23557479-B894-FA12-BD1F-CCEE8BFCBECD} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {235A0B09-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {235D0908-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {235D0B09-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {235E0809-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {235F0B08-B898-F91E-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {35DA6022-E66C-38FC-D500-6C550E827346} -
E:\WINDOWS\system32\wbdppa.dll (file missing)
O2 - BHO: (no name) - {38DC3428-BE46-0190-D253-6C550E80714A} - E:\WINDOWS\System32\mpxl.dll
(file missing)
O2 - BHO: IEProxyHelperObj Class - {43DF16FD-D9ED-4c9e-B14A-F3236A12C649} - E:\Program
Files\MusicNow\IEProxyHelper.dll
O2 - BHO: (no name) - {48DB3A76-EB14-3DF1-8557-6C550E807F4E} - E:\WINDOWS\System32\gdri.dll
(file missing)
O2 - BHO: (no name) - {4BFBABB3-615D-2D91-5130-3536539CFECD} - E:\WINDOWS\system32\lnwzn.dll
(file missing)
O2 - BHO: (no name) - {4ED06128-EB1B-30A6-8251-6C550E80294A} - E:\WINDOWS\System32\ixfm.dll
(file missing)
O2 - BHO: (no name) - {5228780D-B59A-CC1C-BD1F-B7EE8F85BECF} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {52287879-B596-CF10-BD1F-CCEE8BFCBECD} - E:\WINDOWS\system32\auop.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {92388823-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {924A8F23-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {924D8923-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {924E8823-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {924E8923-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {924E8E23-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {924E8F23-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {924F8923-1AB8-0260-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN
Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {A7F08007-13C1-3519-B7D8-1B6407AE1B95} -
E:\WINDOWS\system32\yyeudmt.dll (file missing)
O2 - BHO: Xbrowse Class - {AC109D01-32D6-4EB5-8300-D3C5EBAC7C83} - E:\Documents and
Settings\All Users\Application Data\x2ff\x2ff.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN
Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton
AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C7034164-85D8-9843-D13E-804DF4D62BC2} -
E:\WINDOWS\system32\puqpyxg.dll (file missing)
O2 - BHO: Xbrowse Class - {CE7EF827-47CC-48EB-B570-C367F1E1277E} - E:\Documents and
Settings\All Users\Application Data\x1ff\x1ff.dll
O2 - BHO: Xbrowse Class - {D319662B-D5BF-4538-ADF3-8D3E36362608} - E:\Documents and
Settings\All Users\Application Data\x0ff\x0ff.dll
O2 - BHO: (no name) - {D47CBA26-2E88-0258-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {E3398F53-17B6-3466-CBD1-35819DCC5FC4} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O2 - BHO: (no name) - {ED398827-6DCB-0258-CBD1-4E8199B55FC6} -
E:\WINDOWS\system32\wjsdbun.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program
Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN
Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [BJCFD] E:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [SynTPLpr] E:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [NAV Agent] E:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "E:\Program Files\Adaptec\Easy CD Creator
5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WorksFUD] E:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] E:\Program Files\Microsoft Works\WksSb.exe
/AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Common Files\Microsoft
Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WLANSTA.EXE] WLANSTA.EXE START
O4 - HKLM\..\Run: [hpfsched] E:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [Mz] E:\documents and settings\kimberly williams\local
settings\temp\Mz.exe
O4 - HKLM\..\Run: [couponsandoffers] javaw -cp "E:\Program
Files\couponsandoffers\System\Code" Main lp: "E:\Program Files\couponsandoffers"
O4 - HKLM\..\Run: [2LRX2W83X2T3MQ] E:\WINDOWS\System32\Ghp2HeX1.exe
O4 - HKLM\..\Run: [AutoUpdater] "E:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [dpcproxy] E:\WINDOWS\system32\dpcproxy.exe
O4 - HKLM\..\Run: [iexplore] E:\WINDOWS\System32\iexplore.exe
O4 - HKLM\..\Run: [o9mT36U] ipscedos.exe
O4 - HKLM\..\Run: [EasySync Pro - LtNts4] E:\Program Files\Common
Files\XCPCSync\Translators\LtNts4\NtsAgent.exe
O4 - HKLM\..\Run: [EasySync Pro - 3CmPlm] E:\Program Files\Common
Files\XCPCSync\Translators\3CmPlm\AutoDet.exe
O4 - HKLM\..\Run: [EasySync Pro] E:\Program Files\Common Files\XCPCMenu.exe
O4 - HKLM\..\Run: [DXsrTe] E:\documents and settings\kimberly williams\local
settings\temp\DXsrTe.exe
O4 - HKLM\..\Run: [o2nQ39P] rnrnv.exe
O4 - HKLM\..\Run: [289f3fc90f31] E:\WINDOWS\System32\cdral897.exe
O4 - HKLM\..\Run: [dlsmgr] C:\Program Files\dlsmgr\dlsmgr.exe
O4 - HKLM\..\Run: [x95Ue5O] spnpml13.exe
O4 - HKLM\..\Run: [FullAudio] "E:\PROGRA~1\MusicNow\WMPImporter.exe"
O4 - HKLM\..\Run: [conscorr] E:\WINDOWS\conscorr.exe
O4 - HKLM\..\Run: [Mb] E:\documents and settings\kimberly williams\local
settings\temp\Mb.exe
O4 - HKLM\..\Run: [satmat] E:\WINDOWS\satmat.exe
O4 - HKLM\..\Run: [OneTouch Monitor] E:\Program Files\Visioneer OneTouch\OneTouchMon.exe
O4 - HKLM\..\Run: [ezVtbHUMT] C:\windows\ezVtbHUMT.exe
O4 - HKLM\..\Run: [J0qy] C:\windows\J0qy.exe
O4 - HKLM\..\Run: [Upsfc] E:\DOCUME~1\KIMBER~1\LOCALS~1\Temp\app294.tmp
O4 - HKLM\..\Run: [PaperPort PTD] E:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] E:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] E:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [b4226d5d0398] E:\WINDOWS\system32\atipuixx.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe"
-osboot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [pmtgrcw] e:\windows\system32\fygknj.exe r
O4 - HKLM\..\Run: [winsync] E:\WINDOWS\system32\n.exe reg_run
O4 - HKLM\..\Run: [yzbppa] e:\windows\system32\hjvnxir.exe r
O4 - HKLM\..\RunOnce: [SpybotSnD] "E:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
/autocheck
O4 - HKCU\..\Run: [HXIUL.EXE] E:\Program Files\Alset\HelpExpress\Kimberly Williams\HXIUL.EXE
O4 - HKCU\..\Run: [HELPEXP.EXE] E:\Program Files\Alset\HelpExpress\Kimberly
Williams\Client\HelpExp.exe
O4 - HKCU\..\Run: [g3q24Tt25] sqllt.exe
O4 - HKCU\..\Run: [Z144RVj9T] expx5032.exe
O4 - HKCU\..\Run: [Zy53RWY8O] icaim700.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "E:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [patchw32] E:\DOCUME~1\KIMBER~1\LOCALS~1\Temp\patchw32.exe
O4 - HKCU\..\Run: [toolbar] E:\DOCUME~1\KIMBER~1\LOCALS~1\Temp\toolbar.exe
O4 - HKCU\..\Run: [WinTools] E:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKCU\..\Run: [Gjfstxrr] E:\WINDOWS\system32\??rss.exe
O4 - HKCU\..\Run: [Aida] E:\Documents and Settings\Kimberly Williams\Application
Data\eetu.exe
O4 - Startup: HotSync Manager.lnk = E:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = E:\Program Files\Cisco Systems\VPN
Client\vpngui.exe
O4 - Global Startup: rkit.exe
O8 - Extra context menu item: Coupons - file://E:\Program
Files\couponsandoffers\System\Temp\couponsandoffers_script0.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://E:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} -
E:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} -
E:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
E:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
E:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://E:\Program
Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} -
http://www.spywarest...es2/Install.cab
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} (RRAAINAX_02.RRAAINAX) -
http://www.in.honda....AX/RraainAX.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by102fd.bay10...es/MsnPUpld.cab
O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) -
http://fdl.msn.com/p...13/invinstl.exe
O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} (SpeedCtrl Class) -
http://www.atelys.com/src/Speedup.ocx
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) -
http://www.amazon.of..._1/axofupld.cab
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) -
http://www.yorkphoto.../YorkUpload.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) -
http://moneycentral....s/pmupdate2.exe
O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) -
https://webresponse....eX/FileXfer.cab
O16 - DPF: {ABD45F35-2E4C-44C0-A075-6EF1DE75398E} (ClearStream Accelerator) -
http://www.riversoftware.net/x0ff.cab
O16 - DPF: {B10031B2-F184-4803-9A88-D239C0641D70} (180SAInstaller Class) -
http://ax.180solutio...SAInstaller.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pDownloader.cab
O16 - DPF: {C915801D-6F00-49CD-8A9A-8DE5C11ADDC1} (Pixami Drag/Drop Upload UI Control) -
http://www.cmphotoce...ropUploader.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
http://ax.phobos.app.../ITDetector.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) -
https://visioneer.we...ort/ieatgpc.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/mmed.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} -
http://winfixer.com/...nnerInstall.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} - http://download.over...com/WildApp.cab
O23 - Service: Ati HotKey Poller - Unknown owner - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - E:\Program
Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. -
E:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Installer Service (Installer) - Unknown owner -
E:\WINDOWS\System32\installer.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company -
E:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation -
E:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
E:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - E:\Program Files\Common
Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - E:\Program
Files\Common Files\WinTools\WToolsS.exe (file missing)
I also run spybot almost everyday.