OK, the first indication I had that there was something wrong is when this XP Antivirus 2009 started popping up and it wouldn't go away. I would have to bring up Task Manager to get rid of it and close IE. This was shortly after returning home. My oldest grandson had been on the computer while I was gone and no telling what sites he went to, and of course he's not talking. I do have the computer password protected but I forgot to log off when I left and now I'm paying for it. grrrr
This is a new computer and it came with McAfee installed on it, and McAfee didn't do squat, ugh. So I ditched McAfee and downloaded Avast! Ran their boot-time scanner and ran it again after startup, and these are the things they found and put in the chest the several times I've run it.
nstC2aa.dll
nstA03C.dll
xxx8712.exe
xxx6143.exe
xxx6173.exe
xxx5672.exe
84[1].exe
7[1].exe
6[1]exe
85[1].exe
120[1].exe
~tmpc.exe <several copies of this one.. it keeps coming back
eauzycuitwog.dll
dbstr.dll
There were a couple of files it specifically asked me about in the boot-time scan, and since I wasn't sure I said "not sure" and it didn't put them in the chest. I guess those files were system files.
I also installed spyware doctor.. geesh could kick myself. I've had it since I got puter but never installed it yet. Ran spyware doctor and it found a lot of stuff and supposedly deleted it too.
There are 2 files that keep popping up on my Task Manager, or rather processes, and these keep freezing me up. I had to keep Task Manager open while running gmer in order to do a complete scan. I tried about 3 times and each time it froze up when this process started. ~tmpb.exe
There is also a xxx3641.exe process that I hadn't seen before listed.
I think that's all. I'm attaching the reports.
Would appreciate your help ;0)
DDS (Version 1.0) - NTFSx86
Run by Chevy57Sue at 14:06:57.05 on Wed 11/12/2008
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3325.2315 [GMT -5:00]
============== Running Processes ===============
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Norton Save and Restore\Agent\VProTray.exe
C:\Windows\System32\ico.exe
C:\Windows\System32\Pmxmiced.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Chevy57Sue\AppData\Local\Temp\xxx3641.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Chevy57Sue\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Psuedo HJT Report ===============
uStart Page = hxxp://www.insightbb.com/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0080612
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0080612
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [KeBDupxYRU] c:\programdata\paxctqhm\fkrqhirw.exe
uRun: [strmsg] c:\windows\system32\hgtwzkxu.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [MSFox] c:\users\chevy57sue\appdata\local\temp\xxx3641.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Norton Save and Restore 2.0] "c:\program files\norton save and restore\agent\VProTray.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [<NO NAME>]
mRun: [PMX Daemon] ICO.EXE
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
dRun: [DelayShred] c:\progra~1\mcafee\mshr\shrcl.exe /p7 /q c:\users\chevy5~1\appdata\local\micros~1\windows\tempor~1\content.ie5\00i841xk\ads_4_~1.sh! c:\users\chevy5~1\appdata\local\micros~1\windows\tempor~1\content.ie5\00i841xk\ADS_1_~1.SH!
mExplorerRun: [KeBDupxYRU] c:\programdata\paxctqhm\fkrqhirw.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
Notify: GoToAssist -c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
============= SERVICES / DRIVERS ===============
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys
R3 atikmdag;atikmdag;c:\windows\system32\drivers\atikmdag.sys
S4 ErrDev;Microsoft Hardware Error Device Driver;c:\windows\system32\drivers\errdev.sys
S4 MegaSR;MegaSR;c:\windows\system32\drivers\megasr.sys
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys
R3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys
R3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\adobe\photoshop elements 6.0\PhotoshopElementsFileAgent.exe
S3 GoToAssist;GoToAssist;c:\program files\citrix\gotoassist\514\g2aservice.exe Start=service
R2 Norton Save and Restore;Norton Save and Restore;c:\program files\norton save and restore\agent\VProSvc.exe
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe
S2 SessionLauncher;SessionLauncher;c:\users\admini~1\appdata\local\temp\dx9\SessionLauncher.exe
============== File Associations ===============
regedit=regedit.exe "%1"
=============== Created Last 30 ================
2008-11-12 10:59 126,468 a------- c:\windows\system32\msxml71.dll
2008-11-12 08:31 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2008-11-12 08:30 <DIR> --d----- c:\users\chevy57sue\.housecall6.6
2008-11-11 21:09 <DIR> a-d----- c:\programdata\TEMP
2008-11-11 20:06 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
2008-11-11 20:06 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
2008-11-11 20:06 40,840 a------- c:\windows\system32\drivers\ikfilesec.sys
2008-11-11 20:06 29,576 a------- c:\windows\system32\drivers\kcom.sys
2008-11-11 20:06 <DIR> --d----- c:\users\chevy5~1\appdata\roaming\PC Tools
2008-11-11 20:06 <DIR> --d----- c:\program files\Spyware Doctor
2008-11-11 20:06 626,688 a------- c:\windows\system32\msvcr80.dll
2008-11-11 20:01 118 a------- c:\windows\system32\MRT.INI
2008-11-11 19:59 1,334,272 a------- c:\windows\system32\msxml6.dll
2008-11-11 19:59 1,191,936 a------- c:\windows\system32\msxml3.dll
2008-11-11 19:59 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2008-11-10 08:25 <DIR> --d----- c:\program files\trend micro
2008-11-10 07:29 250 a------- c:\windows\gmer.ini
2008-11-10 00:49 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2008-11-10 00:49 <DIR> --d----- c:\program files\Panda Security
2008-11-09 18:21 51,280 a------- c:\windows\system32\drivers\aswMonFlt.sys
2008-11-06 17:53 <DIR> --d----- c:\program files\common files\SWF Studio
2008-10-31 14:27 428,544 a------- c:\windows\system32\EncDec.dll
2008-10-31 14:27 217,088 a------- c:\windows\system32\psisrndr.ax
2008-10-31 14:27 177,664 a------- c:\windows\system32\mpg2splt.ax
2008-10-31 14:27 293,376 a------- c:\windows\system32\psisdecd.dll
2008-10-31 14:27 80,896 a------- c:\windows\system32\MSNP.ax
2008-10-28 20:44 <DIR> --d----- c:\users\chevy5~1\appdata\roaming\Unity
2008-10-28 18:01 147,456 a------- c:\windows\system32\Faultrep.dll
2008-10-28 18:01 125,952 a------- c:\windows\system32\wersvc.dll
2008-10-28 18:01 443,392 a------- c:\windows\system32\win32spl.dll
2008-10-14 12:50 2,032,640 a------- c:\windows\system32\win32k.sys
2008-10-14 12:50 288,768 a------- c:\windows\system32\drivers\srv.sys
2008-10-14 12:50 3,601,464 a------- c:\windows\system32\ntkrnlpa.exe
2008-10-14 12:50 3,549,240 a------- c:\windows\system32\ntoskrnl.exe
2008-10-14 12:50 827,392 a------- c:\windows\system32\wininet.dll
2008-10-14 12:50 1,383,424 a------- c:\windows\system32\mshtml.tlb
2008-10-13 19:43 <DIR> --d----- c:\program files\Unity
==================== Find3M ====================
2008-11-09 20:03 <DIR> --d----- c:\program files\qwdicxb
2008-10-24 03:19 <DIR> --d----- c:\progra~2\paxctqhm
2008-10-24 03:11 <DIR> --d----- c:\users\chevy5~1\appdata\roaming\Amazon
2008-10-24 03:04 <DIR> --d----- c:\program files\Amazon
2008-10-14 20:17 <DIR> --d----- c:\progra~2\Dell
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-21 15:38 <DIR> --d----- c:\program files\There
2008-09-19 00:06 <DIR> --d----- c:\program files\Sierra On-Line
2008-09-18 01:09 <DIR> --d----- c:\program files\Brother
2008-09-18 01:04 <DIR> --d----- c:\program files\Nuance
2008-09-18 01:04 <DIR> --d----- c:\progra~2\ScanSoft
2008-09-18 01:04 <DIR> --d----- c:\program files\common files\ScanSoft Shared
2008-09-18 01:03 <DIR> --d----- c:\program files\ScanSoft
2008-09-18 01:03 <DIR> --d----- c:\progra~2\Brother
2008-09-18 00:52 <DIR> --d----- c:\program files\Messenger Plus! Live
2008-06-24 23:54 <DIR> --d----- c:\users\chevy5~1\appdata\roaming\Symantec
2008-06-17 19:10 <DIR> --d----- c:\progra~2\Messenger Plus!
2008-06-14 00:24 <DIR> --d----- c:\progra~2\ATI
2008-06-12 11:19 <DIR> --d----- c:\progra~2\Symantec
2008-06-12 11:12 <DIR> --d----- c:\progra~2\Uninstall
2008-06-12 11:06 <DIR> --d----- c:\progra~2\SupportSoft
============= FINISH: 14:07:21.33 ===============