Here they are....
ComboFix 07-10-25.4 - NELSOJ2 2007-10-29 16:53:01.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.397 [GMT -5:00]
Running from: C:\Documents and Settings\nelsoj2\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\nelsoj2\Desktop\CFScript.txt
* Created a new restore point
FILE::
C:\WINDOWS\system32\dasldujs.dll
C:\WINDOWS\system32\ekntcscv.dll
C:\WINDOWS\system32\ethywjua.dll
C:\WINDOWS\system32\vturo.dll
C:\WINDOWS\system32\wvshnadw.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\dasldujs.dll
C:\WINDOWS\system32\ekntcscv.dll
C:\WINDOWS\system32\ethywjua.dll
C:\WINDOWS\system32\vturo.dll
C:\WINDOWS\system32\wvshnadw.dll
.
((((((((((((((((((((((((( Files Created from 2007-09-28 to 2007-10-29 )))))))))))))))))))))))))))))))
.
2007-10-26 10:22 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-10-26 10:22 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-10-26 08:37 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-10-26 08:35 <DIR> d-------- C:\Program Files\MSBuild
2007-10-26 08:35 <DIR> d-------- C:\Program Files\Microsoft Works
2007-10-26 08:33 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-10-25 08:02 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-24 08:03 <DIR> d-------- C:\Program Files\a-squared Free
2007-10-23 15:10 <DIR> d-------- C:\Program Files\Lavasoft
2007-10-23 15:10 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-23 15:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-10-23 14:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-19 09:37 <DIR> d-------- C:\QUARANTINE
2007-10-09 20:21 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-03 12:00 <DIR> d-------- C:\FYE search committee
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-23 13:10 --------- d-----w C:\Program Files\FinePixViewer
2007-10-10 16:41 --------- d-----w C:\Program Files\Google
2007-10-08 18:39 --------- d-----w C:\Documents and Settings\nelsoj2\Application Data\U3
2007-09-25 13:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-09-24 14:02 --------- d-----w C:\Documents and Settings\nelsoj2\Application Data\Talkback
2007-09-21 18:46 --------- d-----w C:\Documents and Settings\nelsoj2\Application Data\Skype
2007-09-21 18:44 --------- d-----w C:\Documents and Settings\nelsoj2\Application Data\Move Networks
2007-09-21 12:59 --------- d-----w C:\Program Files\Common Files\DriveCleaner Freeware
2007-09-10 20:02 --------- d-----w C:\Documents and Settings\nelsoj2\Application Data\FUJIFILM
2007-09-10 19:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-10 19:52 --------- d-----w C:\Program Files\PIXELA
2007-09-10 19:16 --------- d-----w C:\Program Files\REGSHAVE
2007-08-22 13:12 96,256 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-08-22 13:12 658,944 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-22 13:12 615,424 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-22 13:12 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-22 13:12 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-22 13:12 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-08-22 13:12 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-22 13:12 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-08-22 13:12 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-08-22 13:12 3,058,176 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-22 13:12 251,392 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-08-22 13:12 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-22 13:12 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-22 13:12 151,040 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-08-22 13:12 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-22 13:12 1,494,528 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-08-22 13:12 1,054,208 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-08-22 13:12 1,022,976 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-08-21 10:30 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:15 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-07-31 00:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-31 00:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-31 00:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-31 00:19 549,720 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-31 00:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-31 00:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-31 00:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-31 00:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-31 00:19 325,976 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-31 00:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-31 00:19 203,096 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-31 00:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-31 00:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-31 00:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-31 00:18 33,624 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\FYE search committee ----
2007-10-09 15:32 31232 --a------ C:\FYE search committee\first three candidates.doc
2007-10-09 15:32 26624 --a------ C:\FYE search committee\last two candidates and final feelings.doc
---- Directory of C:\QUARANTINE ----
((((((((((((((((((((((((((((( snapshot@2007-10-25_ 8.10.06.54 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-04-27 19:28:31 110,592 -c--a-w C:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2007-10-26 16:02:10 110,592 ----a-w C:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2007-10-26 13:35:30 65,536 ----a-w C:\WINDOWS\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
+ 2007-10-26 13:35:34 4,608 ----a-w C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2007-10-26 13:35:29 1,215,328 ----a-w C:\WINDOWS\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll
+ 2007-10-26 13:35:29 82,784 ----a-w C:\WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
+ 2007-10-26 13:35:20 31,560 ----a-w C:\WINDOWS\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
+ 2007-10-26 13:35:31 8,007,680 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2007-10-26 13:35:20 16,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
+ 2007-10-26 13:33:27 80,696 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2007-10-26 13:34:25 1,612,592 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2007-10-26 13:34:25 1,276,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2007-10-26 13:34:25 150,320 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2007-10-26 13:35:20 404,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll
+ 2007-10-26 13:34:25 88,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2007-10-26 13:34:25 146,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2007-10-26 13:34:59 17,208 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2007-10-26 13:34:25 248,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2007-10-26 13:34:25 232,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
+ 2007-10-26 13:34:25 20,280 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2007-10-26 13:34:25 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2007-10-26 13:35:30 13,312 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2007-10-26 13:34:25 371,496 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2007-10-26 13:34:25 64,288 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2006-04-27 19:28:31 229,376 -c--a-w C:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2007-10-26 16:02:09 229,376 ----a-w C:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
- 2006-04-27 19:28:31 4,096 -c--a-w C:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2007-10-26 16:02:10 4,096 ----a-w C:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2007-10-26 13:34:25 416,544 ----a-w C:\WINDOWS\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2007-10-26 13:33:25 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2007-10-26 13:33:27 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2007-10-26 13:34:44 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2007-10-26 13:35:21 12,616 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2007-10-26 13:35:20 12,616 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
+ 2007-10-26 13:35:00 12,112 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2007-10-26 13:35:08 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2007-10-26 13:34:47 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2007-10-26 13:35:16 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2007-10-26 13:34:49 12,080 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2007-10-26 13:34:49 11,544 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
- 2006-04-27 19:28:31 16,384 -c--a-w C:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2007-10-26 16:02:09 16,384 ----a-w C:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2006-10-27 00:48:14 434,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\DWTRIG20.EXE
+ 2006-10-27 20:07:36 17,891,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2006-10-27 20:26:40 16,870,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 20:04:10 9,581,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-27 01:42:36 8,423,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-09-15 21:25:18 3,611,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-10-27 01:09:44 590,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 20:11:38 4,235,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 20:11:36 21,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 20:23:08 17,483,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-27 02:13:08 14,674,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2007-10-28 09:03:46 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2007-10-28 09:03:46 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2007-10-28 09:03:47 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\Icon.40C4F73A.BC9D.47CA.B565.924DD0F17ED9.exe
+ 2007-10-28 09:03:47 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\Icon.6D1A0CC6.F60F.4782.B48E.B48B8836BBDD.exe
+ 2007-10-28 09:03:47 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\Icon.797FCE53.7934.4F1D.8854.605872F0D5F4.exe
+ 2007-10-28 09:03:47 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\Icon.AA7FBB86.1A69.4FDC.B4E6.B9B42044CE18.exe
+ 2007-10-28 09:03:46 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2007-10-28 09:03:46 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2007-10-28 09:03:46 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2007-10-28 09:03:47 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2007-10-28 09:03:47 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2007-10-28 09:03:46 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2007-10-28 09:03:46 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2007-10-28 09:03:46 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2007-10-28 09:03:47 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2007-10-28 09:03:46 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2007-10-23 19:52:09 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2007-10-26 16:05:01 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2004-03-11 20:13:14 1,146,320 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2006-10-26 19:10:08 1,190,688 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2007-10-24 13:53:31 250,288 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-10-26 16:27:00 401,528 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2002-08-21 10:10:16 204,800 -c--a-w C:\WINDOWS\system32\INKED.DLL
+ 2006-10-26 18:45:04 207,360 ----a-w C:\WINDOWS\system32\INKED.DLL
- 2004-03-22 20:17:06 24,816 ----a-w C:\WINDOWS\system32\mdimon.dll
+ 2006-10-27 00:58:10 30,512 ----a-w C:\WINDOWS\system32\mdimon.dll
- 1998-03-25 02:54:08 15,872 -c--a-w C:\WINDOWS\system32\SCP32.DLL
+ 2006-07-24 15:50:40 39,728 ----a-w C:\WINDOWS\system32\SCP32.DLL
- 2004-03-22 20:17:04 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2006-10-27 00:58:24 793,392 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2004-03-22 20:17:10 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2006-10-27 00:58:16 65,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2006-10-27 00:56:16 864,080 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\msonpdrv.dll
+ 2006-10-27 00:56:14 67,408 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\msonpui.dll
- 2004-03-22 20:17:04 765,680 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
+ 2006-10-27 00:58:24 793,392 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
- 2004-03-22 20:17:10 42,224 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2006-10-27 00:58:16 65,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2006-10-27 00:56:16 864,080 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2006-10-27 00:56:14 67,408 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\msonpui.dll
- 2004-03-22 20:17:08 25,840 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2006-10-27 00:58:12 30,512 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2006-10-27 00:56:12 33,104 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
- 1999-11-24 23:40:50 40,960 -c--a-w C:\WINDOWS\system32\VBAME.DLL
+ 2006-07-24 15:50:40 47,920 ----a-w C:\WINDOWS\system32\VBAME.DLL
- 2002-08-21 10:13:12 189,952 ----a-w C:\WINDOWS\system32\WISPTIS.EXE
+ 2006-10-26 18:45:04 293,376 ----a-w C:\WINDOWS\system32\WISPTIS.EXE
+ 2006-10-26 18:40:34 95,744 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-10-26 18:40:36 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2006-10-26 18:40:36 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2006-10-26 18:40:36 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2006-10-26 18:40:36 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-10-26 18:40:36 1,079,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 18:40:36 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 18:40:36 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 18:40:36 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 18:40:36 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 18:40:36 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 18:40:36 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 18:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 18:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 18:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 18:40:36 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 18:40:36 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{137504E1-2B68-46FE-976A-7E7F5366D1EC}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5179F93B-1BBD-4C23-83C4-C3E0EC7DCE84}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 08:35]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 08:32]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 08:36]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 12:42]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 16:19]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2004-09-22 20:00]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2005-02-25 16:50]
"Network Associates Error Reporting Service"="C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe" [2003-10-07 09:48]
"QuickFinder Scheduler"="C:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE" [2003-07-09 12:07]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 11:37 C:\WINDOWS\system32\nwtray.exe]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-05-11 10:10]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-14 13:47]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Novell Messenger"="C:\Novell\Messenger\NMCL32.exe" [2005-07-19 15:30]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-04 12:08]
"DKab1err"="C:\Program Files\Dell\Printer Software\ErrorApp\DKab1err.exe" [2006-10-21 12:38]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2006-07-17 15:05:39]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
Desktop Application Director 11.lnk - C:\WINDOWS\Installer\{54F90B55-BEB3-4F0D-8802-228822FA5921}\NewShortcut1_3.exe [2006-05-04 09:34:13]
Exif Launcher 2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe [2007-09-10 14:49:58]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"=0 (0x0)
"CompatibleRUPSecurity"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwv1_0
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US
ee://aol/imApp
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
R0 NICM;Novell InterService Communication Driver;C:\WINDOWS\system32\drivers\nicm.sys
R0 NWFILTER;Novell UNC Path Filter;C:\WINDOWS\system32\NetWare\nwfilter.sys
R1 NaiAvTdi1;NaiAvTdi1;C:\WINDOWS\system32\drivers\mvstdi5x.sys
R2 Daily Backup;Daily Backup;"C:\Program Files\Tivoli\baclient\dsmcsvc.exe"
R2 NetwareWorkstation;Novell Client for Windows;C:\WINDOWS\system32\NetWare\nwfs.sys
R2 NWDHCP;Novell DHCP Inform Client;C:\WINDOWS\system32\NetWare\nwdhcp.sys
R2 RESMGR;Novell NetWare Resource Manager;C:\WINDOWS\system32\NetWare\resmgr.sys
R2 SRVLOC;Novell Service Location;C:\WINDOWS\system32\NetWare\srvloc.sys
R3 dkab_device;dkab_device;C:\WINDOWS\system32\DKabcoms.exe -service
R3 NWDNS;Novell DNS Name Space Service Provider;C:\WINDOWS\system32\NetWare\nwdns.sys
R3 NWHOST;Novell Host File Name Space Service Provider;C:\WINDOWS\system32\NetWare\NWHOST.sys
R3 NWSLP;Novell SLP Name Space Service Provider;C:\WINDOWS\system32\NetWare\nwslp.sys
R3 NWSNS;Novell Simple Naming Services;C:\WINDOWS\system32\NetWare\NWSNS.sys
S2 NWSIPX32;Novell NetWare IPX/SPX Transport Interface;C:\WINDOWS\system32\NetWare\nwsipx32.sys
S3 cusrvc;Client Update Service for Novell;C:\WINDOWS\system32\cusrvc.exe
S3 NWSAP;Novell SAP Name Space Provider;C:\WINDOWS\system32\NetWare\NWSAP.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command - E:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3644ff06-1a91-11dc-b2be-0013720f756d}]
AutoRun\command - E:\LaunchU3.exe
*Newly Created Service* - ENTDRV51
.
Contents of the 'Scheduled Tasks' folder
"2007-10-27 14:47:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
.
**************************************************************************
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-29 16:56:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-29 16:57:14 - machine was rebooted
C:\ComboFix2.txt ... 2007-10-25 08:11
.
--- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:00, on 2007-10-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Tivoli\baclient\dsmcsvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Novell\Messenger\NMCL32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell\Printer Software\ErrorApp\DKab1err.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\DKabcoms.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\nelsoj2\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.auburn.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {137504E1-2B68-46FE-976A-7E7F5366D1EC} - (no file)
O2 - BHO: (no name) - {5179F93B-1BBD-4C23-83C4-C3E0EC7DCE84} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKCU\..\Run: [Novell Messenger] "C:\Novell\Messenger\NMCL32.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DKab1err] C:\Program Files\Dell\Printer Software\ErrorApp\DKab1err.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Desktop Application Director 11.lnk = ?
O4 - Global Startup: Exif Launcher 2.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O9 - Extra button: Novell Messenger - {3C3171BC-1025-43d1-8D1D-61CF4B38A28F} - C:\Novell\MESSEN~1\NMCL32.exe
O9 - Extra 'Tools' menuitem: Novell Messenger - {3C3171BC-1025-43d1-8D1D-61CF4B38A28F} - C:\Novell\MESSEN~1\NMCL32.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) -
file://C:\WINDOWS\msxml4.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = auburn.edu
O17 - HKLM\Software\..\Telephony: DomainName = auburn.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = auburn.edu
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Daily Backup - IBM Corporation - C:\Program Files\Tivoli\baclient\dsmcsvc.exe
O23 - Service: dkab_device - - C:\WINDOWS\system32\DKabcoms.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) -
http://static.ak.facebook.com/images/no ... nd_ie6.gif
--
End of file - 9536 bytes