It "seems" to be fine. Do the scans look good?
FILE ::
c:\windows\system32\drivers\Start1Driver.SYS
Driver::
Start1Driver
ComboFix 09-08-10.06 - O'Kelley 08/21/2009 8:03.3.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.256 [GMT -5:00]
Running from: c:\documents and settings\O'Kelley\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\O'Kelley\Desktop\CFScript.txt
AV: CA Anti-Virus *On-access scanning disabled* (Updated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\proquota.exe . . . is missing!!
.
((((((((((((((((((((((((( Files Created from 2009-07-21 to 2009-08-21 )))))))))))))))))))))))))))))))
.
2009-08-19 01:14 . 2009-08-19 01:14 -------- d-----w- c:\program files\ESET
2009-08-17 12:43 . 2009-08-17 12:42 108368 ----a-w- c:\windows\system32\drivers\veteboot.sys
2009-08-17 12:43 . 2009-08-17 12:42 880560 ----a-w- c:\windows\system32\drivers\vetefile.sys
2009-08-17 12:40 . 2006-10-09 21:39 32528 ------w- c:\windows\system32\drivers\vetmonnt.sys
2009-08-17 12:40 . 2006-10-09 21:39 21648 ------w- c:\windows\system32\drivers\vetfddnt.sys
2009-08-17 12:40 . 2006-10-09 21:39 21392 ------w- c:\windows\system32\drivers\vet-rec.sys
2009-08-17 12:40 . 2006-10-09 21:39 26640 ------w- c:\windows\system32\drivers\vet-filt.sys
2009-08-17 12:40 . 2006-10-09 21:39 75280 ------w- c:\windows\system32\isafprod.dll
2009-08-17 12:40 . 2006-10-09 21:39 95760 ------w- c:\windows\system32\isafeif.dll
2009-08-17 12:40 . 2006-08-05 19:21 75280 ------w- c:\windows\system32\vetredir.dll
2009-08-14 19:41 . 2009-08-14 19:41 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Help
2009-08-13 00:48 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-10 22:59 . 2009-08-10 22:59 -------- d-----w- C:\rsit
2009-08-10 21:59 . 2009-08-10 21:59 -------- d-----w- c:\documents and settings\O'Kelley\Application Data\Malwarebytes
2009-08-10 21:59 . 2009-08-03 18:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-10 21:59 . 2009-08-10 21:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-10 21:59 . 2009-08-10 21:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-10 21:59 . 2009-08-03 18:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-05 09:01 . 2009-08-05 09:01 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-03 23:25 . 2009-08-17 13:22 -------- d-----w- c:\program files\Common Files\Scanner
2009-08-03 23:25 . 2009-02-18 18:54 111856 ----a-w- c:\windows\system32\wbem\canvprov.dll
2009-08-03 22:19 . 2009-03-14 11:48 5120 ----a-w- c:\windows\system32\drivers\Start1Driver.SYS
2009-07-29 04:37 . 2009-07-29 04:37 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2009-07-29 04:37 . 2009-07-29 04:37 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-20 15:25 . 2008-05-13 23:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-08-20 08:12 . 2009-08-20 08:12 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.8
2009-08-20 08:12 . 2009-08-20 08:12 26640 ----a-w- c:\windows\system32\drivers\vet-filt.8
2009-08-20 08:12 . 2009-08-20 08:12 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.8
2009-08-20 08:12 . 2009-08-20 08:12 21392 ----a-w- c:\windows\system32\drivers\vet-rec.8
2009-08-20 00:11 . 2009-08-20 00:11 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.7
2009-08-20 00:11 . 2009-08-20 00:11 26640 ----a-w- c:\windows\system32\drivers\vet-filt.7
2009-08-20 00:11 . 2009-08-20 00:11 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.7
2009-08-20 00:11 . 2009-08-20 00:11 21392 ----a-w- c:\windows\system32\drivers\vet-rec.7
2009-08-19 16:10 . 2009-08-19 16:10 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.6
2009-08-19 16:10 . 2009-08-19 16:10 26640 ----a-w- c:\windows\system32\drivers\vet-filt.6
2009-08-19 16:10 . 2009-08-19 16:10 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.6
2009-08-19 16:10 . 2009-08-19 16:10 21392 ----a-w- c:\windows\system32\drivers\vet-rec.6
2009-08-19 08:09 . 2009-08-19 08:09 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.5
2009-08-19 08:09 . 2009-08-19 08:09 26640 ----a-w- c:\windows\system32\drivers\vet-filt.5
2009-08-19 08:09 . 2009-08-19 08:09 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.5
2009-08-19 08:09 . 2009-08-19 08:09 21392 ----a-w- c:\windows\system32\drivers\vet-rec.5
2009-08-19 00:08 . 2009-08-19 00:08 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.4
2009-08-19 00:08 . 2009-08-19 00:08 26640 ----a-w- c:\windows\system32\drivers\vet-filt.4
2009-08-19 00:08 . 2009-08-19 00:08 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.4
2009-08-19 00:08 . 2009-08-19 00:08 21392 ----a-w- c:\windows\system32\drivers\vet-rec.4
2009-08-18 16:07 . 2009-08-18 16:07 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.3
2009-08-18 16:07 . 2009-08-18 16:07 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.3
2009-08-18 16:07 . 2009-08-18 16:07 21392 ----a-w- c:\windows\system32\drivers\vet-rec.3
2009-08-18 16:07 . 2009-08-18 16:07 26640 ----a-w- c:\windows\system32\drivers\vet-filt.3
2009-08-18 08:06 . 2009-08-18 08:06 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.2
2009-08-18 08:06 . 2009-08-18 08:06 26640 ----a-w- c:\windows\system32\drivers\vet-filt.2
2009-08-18 08:06 . 2009-08-18 08:06 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.2
2009-08-18 08:06 . 2009-08-18 08:06 21392 ----a-w- c:\windows\system32\drivers\vet-rec.2
2009-08-18 00:05 . 2009-08-18 00:05 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.1
2009-08-18 00:05 . 2009-08-18 00:05 26640 ----a-w- c:\windows\system32\drivers\vet-filt.1
2009-08-18 00:05 . 2009-08-18 00:05 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.1
2009-08-18 00:05 . 2009-08-18 00:05 21392 ----a-w- c:\windows\system32\drivers\vet-rec.1
2009-08-05 09:01 . 2004-08-12 14:01 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 23:40 . 2009-07-17 12:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-03 23:25 . 2008-01-09 23:20 -------- d-----w- c:\program files\CA
2009-08-02 22:22 . 2009-07-06 18:42 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-29 04:37 . 2004-08-12 14:07 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2004-08-12 13:57 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-19 03:40 . 2008-01-20 23:15 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-17 19:01 . 2004-08-12 13:55 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 12:22 . 2008-05-13 23:48 -------- d-----w- c:\program files\Google
2009-07-14 15:59 . 2009-07-14 15:59 -------- d-----w- c:\program files\Trend Micro
2009-07-14 04:43 . 2004-08-12 14:10 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-12 02:31 . 2008-01-20 23:16 -------- d-----w- c:\documents and settings\O'Kelley\Application Data\AdobeUM
2009-07-07 18:58 . 2009-07-07 18:58 0 ----a-w- c:\windows\nsreg.dat
2009-07-06 23:00 . 2004-08-12 13:57 1033728 ----a-w- c:\windows\explorer.exe
2009-07-06 21:34 . 2008-01-10 01:09 -------- d-----w- c:\program files\Windows Media Connect 2
2009-07-06 18:43 . 2009-07-06 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-12 12:31 . 2004-08-12 14:07 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:19 . 2008-01-05 18:48 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2004-08-12 13:55 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2004-08-12 14:09 132096 ----a-w- c:\windows\system32\wkssvc.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-13 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dell AIO Printer A920"="c:\program files\Dell AIO Printer A920\dlbkbmgr.exe" [2004-04-15 270336]
"cctray"="c:\program files\CA\CA Internet Security Suite\cctray\cctray.exe" [2006-10-09 177680]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-13 342312]
"CAPPActiveProtection"="c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe" [2009-08-17 333040]
"CAVRID"="c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2006-10-09 226832]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Symantec NetDriver Warning"="c:\progra~1\SYMNET~1\SNDWarn.exe" [2004-10-29 218232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2007-06-06 20:46 79368 ----a-w- c:\windows\system32\UmxWNP.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WinDefend"=2 (0x2)
"spkrmon"=2 (0x2)
"ose"=3 (0x3)
"NMIndexingService"=3 (0x3)
"NBService"=3 (0x3)
"MyWebSearchService"=2 (0x2)
"idsvc"=3 (0x3)
"gusvc"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R0 KmxStart;KmxStart;c:\windows\system32\drivers\KmxStart.sys [1/5/2009 11:36 AM 107512]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [11/18/2008 12:14 PM 72696]
R1 Start1Driver;Start1Driver;c:\windows\system32\drivers\Start1Driver.SYS [8/3/2009 5:19 PM 5120]
R2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\CA\CA Internet Security Suite\ccschedulersvc.exe [8/3/2009 6:24 PM 128240]
R2 UmxAgent;HIPS Event Manager;c:\program files\CA\SharedComponents\HIPSEngine\UmxAgent.exe [12/12/2008 12:37 PM 1153528]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\CA\SharedComponents\HIPSEngine\UmxCfg.exe [12/10/2008 12:58 PM 797176]
R2 UmxPol;HIPS Policy Manager;c:\program files\CA\SharedComponents\HIPSEngine\UmxPol.exe [12/19/2008 1:59 PM 297464]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [12/12/2008 12:37 PM 205304]
S1 hdfmopkg;hdfmopkg;\??\c:\windows\system32\drivers\hdfmopkg.sys --> c:\windows\system32\drivers\hdfmopkg.sys [?]
S3 HidCom;USB-HID -> COM Driver Service;c:\windows\system32\drivers\BdHidCom.sys [1/12/2008 10:19 AM 17408]
S3 PPCtlPriv;PPCtlPriv;c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [8/3/2009 6:25 PM 222448]
S3 SysProtDrv.sys;SysProtDrv.sys;c:\documents and settings\O'Kelley\Desktop\SysProt\SysProtDrv.sys [8/13/2009 3:50 PM 44288]
S4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - CACCPROVSP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
2009-08-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-13 16:54]
2009-08-21 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.toast.net/start
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\VetRedir.dll
FF - ProfilePath - c:\documents and settings\O'Kelley\Application Data\Mozilla\Firefox\Profiles\i4innrkf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.toast.net/start/
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-21 08:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1396)
c:\windows\system32\UmxWnp.Dll
c:\program files\CA\SharedComponents\PPRT\bin\CACheck.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAHook.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAServer.dll
- - - - - - - > 'lsass.exe'(1604)
c:\windows\system32\VetRedir.dll
c:\windows\system32\ISafeIf.dll
- - - - - - - > 'explorer.exe'(4340)
c:\program files\CA\SharedComponents\PPRT\bin\CACheck.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAHook.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAServer.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-21 8:09
ComboFix-quarantined-files.txt 2009-08-21 13:09
ComboFix2.txt 2009-08-13 21:26
ComboFix3.txt 2009-08-13 20:39
Pre-Run: 141,136,891,904 bytes free
Post-Run: 141,490,204,672 bytes free
213 --- E O F --- 2009-08-13 08:03
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:15:52 AM, on 8/21/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toast.net/start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CAPPActiveProtection] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se1140.cab
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - https://carelink.minimed.com/plugin/jin ... s-i586.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: CA Common Scheduler Service (ccSchedulerSVC) - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
O24 - Desktop Component 0: (no name) - http://photos-e.ak.fbcdn.net/photos-ak- ... 0_2925.jpg
--
End of file - 7492 bytes