Deckard's System Scanner v20071014.68
Run by Justin Kahl on 2008-07-25 22:25:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
19: 2008-07-25 05:57:55 UTC - RP452 - Windows Update
18: 2008-07-25 04:00:01 UTC - RP451 - Scheduled Checkpoint
17: 2008-07-23 20:51:33 UTC - RP450 - Installed SolidWorks 2007 SP0
16: 2008-07-23 20:23:10 UTC - RP449 - Installed COSMOSMotion 2007 SP0
15: 2008-07-23 20:21:45 UTC - RP448 - Installed COSMOSWorks 2007 SP0

-- First Restore Point --
1: 2008-07-22 19:29:03 UTC - RP434 - Scheduled Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Justin Kahl.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:35 PM, on 7/25/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\AIM6\aim6.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\AIM6\aolsoftware.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Justin Kahl\Desktop\dss.exe
C:\PROGRA~2\TRENDM~1\HIJACK~1\Justin Kahl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files (x86)\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CCB369C-4D63-4286-9CC3-1F752694DD0D}: NameServer = 10.1.10.100,10.1.10.101
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgfws8.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files (x86)\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8986 bytes

-- HijackThis Fixed Entries (C:\PROGRA~2\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080722-061124-145 O2 - BHO: CodecPlugin Class - {098716A9-0310-4CBE-BD64-B790A9761158} - C:\Windows\SysWow64\RichVideoCodec.dll
backup-20080722-061124-252 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
backup-20080722-061124-344 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
backup-20080722-061124-437 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
backup-20080722-061124-607 O4 - HKCU\..\Run: [Aim6] "C:\Program Files (x86)\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
backup-20080722-061124-806 O4 - Global Startup: uninstall-ubuntu.exe
backup-20080722-061124-899 O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
backup-20080722-132527-193 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20080722-132527-359 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
backup-20080722-132527-579 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080722-132527-594 O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
backup-20080722-132527-754 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
backup-20080722-132527-772 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing)
R0 atapi (IDE Channel) - c:\windows\system32\drivers\atapi.sys (file missing)
R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing)
R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
R0 disk (Disk Driver) - c:\windows\system32\drivers\disk.sys (file missing)
R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing)
R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing)
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
R0 msisadrv (ISA/EISA Class Driver) - c:\windows\system32\drivers\msisadrv.sys (file missing)
R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing)
R0 nvstor64 - c:\windows\system32\drivers\nvstor64.sys (file missing)
R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
R0 pci (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys (file missing)
R0 pciide - c:\windows\system32\drivers\pciide.sys (file missing)
R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing)
R0 volmgr (Volume Manager Driver) - c:\windows\system32\drivers\volmgr.sys (file missing)
R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing)
R0 volsnap (Storage volumes) - c:\windows\system32\drivers\volsnap.sys (file missing)
R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing)
R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing)
R1 AvgLdx64 (AVG AVI Loader Driver x64) - c:\windows\system32\drivers\avgldx64.sys (file missing)
R1 AvgMfx64 (AVG Minifilter x64 Resident Driver) - c:\windows\system32\drivers\avgmfx64.sys (file missing)
R1 cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys (file missing)
R1 CSC (Offline Files Driver) - c:\windows\system32\drivers\csc.sys (file missing)
R1 DfsC (Dfs Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing)
R1 kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing)
R1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys (file missing)
R1 mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing)
R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)
R1 netbt - c:\windows\system32\drivers\netbt.sys (file missing)
R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)
R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers\nsiproxy.sys (file missing)
R1 Null - c:\windows\system32\drivers\null.sys (file missing)
R1 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\pacer.sys (file missing)
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing)
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing)
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys (file missing)
R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing)
R1 Smb (Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)) - c:\windows\system32\drivers\smb.sys (file missing)
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)
R1 tdx (NetIO Legacy TDI Support Driver) - c:\windows\system32\drivers\tdx.sys (file missing)
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing)
R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing)
R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing)
R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing)
R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing)
R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing)
R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing)
R3 ALCXWDM (Service for Realtek AC97 Audio (WDM)) - c:\windows\system32\drivers\rtkvac64.sys (file missing)
R3 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing)
R3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys (file missing)
R3 AvgWfpA (AVG8 Firewall Driver x86) - c:\windows\system32\drivers\avgwfpa.sys (file missing)
R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing)
R3 BthEnum (Bluetooth Request Block Driver) - c:\windows\system32\drivers\bthenum.sys (file missing)
R3 BthPan (Bluetooth Device (Personal Area Network)) - c:\windows\system32\drivers\bthpan.sys (file missing)
R3 BTHUSB (Bluetooth Radio USB Driver) - c:\windows\system32\drivers\bthusb.sys (file missing)
R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing)
R3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing)
R3 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing)
R3 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing)
R3 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing)
R3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys (file missing)
R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
R3 iScsiPrt (iScsiPort Driver) - c:\windows\system32\drivers\msiscsi.sys (file missing)
R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing)
R3 LHidFilt (Logitech SetPoint KMDF HID Filter Driver) - c:\windows\system32\drivers\lhidfilt.sys (file missing)
R3 LMouFilt (Logitech SetPoint KMDF Mouse Filter Driver) - c:\windows\system32\drivers\lmoufilt.sys (file missing)
R3 monitor (Microsoft Monitor Class Function Driver Service) - c:\windows\system32\drivers\monitor.sys (file missing)
R3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys (file missing)
R3 mpsdrv (Windows Firewall Authorization Driver) - c:\windows\system32\drivers\mpsdrv.sys (file missing)
R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing)
R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing)
R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing)
R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing)
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing)
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys (file missing)
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys (file missing)
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)
R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)
R3 NVENETFD (NVIDIA nForce Networking Controller Driver) - c:\windows\system32\drivers\nvmfdx64.sys (file missing)
R3 nvlddmkm - c:\windows\system32\drivers\nvlddmkm.sys (file missing)
R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing)
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys (file missing)
R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing)
R3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing)
R3 RFCOMM (Bluetooth Device (RFCOMM Protocol TDI)) - c:\windows\system32\drivers\rfcomm.sys (file missing)
R3 RTL8169 (Realtek 8169 NT Driver) - c:\windows\system32\drivers\rtlh64.sys (file missing)
R3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing)
R3 srv - c:\windows\system32\drivers\srv.sys (file missing)
R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing)
R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing)
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing)
R3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)
R3 tssecsrv (Terminal Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing)
R3 tunmp (Microsoft Tun Miniport Adapter Driver) - c:\windows\system32\drivers\tunmp.sys (file missing)
R3 tunnel (Microsoft IPv6 Tunnel Miniport Adapter Driver) - c:\windows\system32\drivers\tunnel.sys (file missing)
R3 umbus (UMBus Enumerator Driver) - c:\windows\system32\drivers\umbus.sys (file missing)
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys (file missing)
R3 usbhub (Microsoft USB Standard Hub Driver) - c:\windows\system32\drivers\usbhub.sys (file missing)
R3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing)
R3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys (file missing)
R3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing)
R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing)

S2 Hardlock - c:\windows\system32\drivers\hardlock.sys (file missing)
S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing)
S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing)
S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing)
S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing)
S3 BTHPORT (Bluetooth Port Driver) - c:\windows\system32\drivers\bthport.sys (file missing)
S3 DFUBTUSB (WIDCOMM USB Bluetooth Driver in DFU State) - c:\windows\system32\drivers\frmupgr.sys (file missing)
S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys (file missing)
S3 E1G60 (Intel(R) PRO/1000 NDIS 6 Adapter Driver) - c:\windows\system32\drivers\e1g6032e.sys (file missing)
S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing)
S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing)
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)
S3 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing)
S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)
S3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing)
S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing)
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing)
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing)
S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing)
S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys (file missing)
S3 NativeWifiP (NativeWiFi Filter) - c:\windows\system32\drivers\nwifi.sys (file missing)
S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing)
S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing)
S3 QWAVEdrv (QWAVE driver) - c:\windows\system32\drivers\qwavedrv.sys (file missing)
S3 sffp_mmc (SFF Storage Protocol Driver for MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing)
S3 sffp_sd (SFF Storage Protocol Driver for SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing)
S3 Tcpip6 (Microsoft IPv6 Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)
S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing)
S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing)
S3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys (file missing)
S3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing)
S3 usbscan (USB Scanner Driver) - c:\windows\system32\drivers\usbscan.sys (file missing)
S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)
S3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
S3 xnacc (XBOX 360 Controller For Windows Driver Service) - c:\windows\system32\drivers\xnacc.sys (file missing)
S3 xusb21 (Xbox 360 Wireless Receiver Driver Service 21) - c:\windows\system32\drivers\xusb21.sys (file missing)
S4 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing)
S4 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing)
S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys (file missing)
S4 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing)
S4 aic78xx - c:\windows\system32\drivers\djsvs.sys (file missing)
S4 aliide - c:\windows\system32\drivers\aliide.sys (file missing)
S4 amdide - c:\windows\system32\drivers\amdide.sys (file missing)
S4 arc - c:\windows\system32\drivers\arc.sys (file missing)
S4 arcsas - c:\windows\system32\drivers\arcsas.sys (file missing)
S4 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing)
S4 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing)
S4 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing)
S4 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing)
S4 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing)
S4 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing)
S4 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing)
S4 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing)
S4 HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)
S4 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing)
S4 HpCISSs - c:\windows\system32\drivers\hpcisss.sys (file missing)
S4 i2omp - c:\windows\system32\drivers\i2omp.sys (file missing)
S4 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys (file missing)
S4 iaStorV (Intel RAID Controller Vista) - c:\windows\system32\drivers\iastorv.sys (file missing)
S4 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing)
S4 intelide - c:\windows\system32\drivers\intelide.sys (file missing)
S4 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)
S4 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing)
S4 iteatapi (ITEATAPI_Service_Install) - c:\windows\system32\drivers\iteatapi.sys (file missing)
S4 iteraid (ITERAID_Service_Install) - c:\windows\system32\drivers\iteraid.sys (file missing)
S4 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing)
S4 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing)
S4 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing)
S4 megasas - c:\windows\system32\drivers\megasas.sys (file missing)
S4 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing)
S4 Mraid35x - c:\windows\system32\drivers\mraid35x.sys (file missing)
S4 msahci - c:\windows\system32\drivers\msahci.sys (file missing)
S4 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing)
S4 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing)
S4 nvraid - c:\windows\system32\drivers\nvraid.sys (file missing)
S4 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing)
S4 ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing)
S4 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)
S4 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing)
S4 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing)
S4 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing)
S4 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing)
S4 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing)
S4 sffdisk (SFF Storage Class Driver) - c:\windows\system32\drivers\sffdisk.sys (file missing)
S4 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing)
S4 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing)
S4 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing)
S4 Sym_hi - c:\windows\system32\drivers\sym_hi.sys (file missing)
S4 Sym_u3 - c:\windows\system32\drivers\sym_u3.sys (file missing)
S4 Symc8xx - c:\windows\system32\drivers\symc8xx.sys (file missing)
S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing)
S4 uliahci - c:\windows\system32\drivers\uliahci.sys (file missing)
S4 UlSata - c:\windows\system32\drivers\ulsata.sys (file missing)
S4 ulsata2 - c:\windows\system32\drivers\ulsata2.sys (file missing)
S4 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing)
S4 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys (file missing)
S4 viaide - c:\windows\system32\drivers\viaide.sys (file missing)
S4 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing)
S4 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing)
S4 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing)
S4 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing)
S4 ws2ifsl (Winsock IFS driver) - c:\windows\system32\drivers\ws2ifsl.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 BBDemon (Backbone Service) - c:\program files (x86)\dassault systemes\b14\intel_a\code\bin\catsysdemon.exe -service
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe (file missing)
R2 slsvc (Software Licensing) - c:\windows\system32\slsvc.exe (file missing)
R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe (file missing)
R3 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe (file missing)

S2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files (x86)\cyberlink\shared files\richvideo.exe" (file missing)
S3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe (file missing)
S3 DFSR (DFS Replication) - c:\windows\system32\dfsr.exe (file missing)
S3 Fax - c:\windows\system32\fxssvc.exe (file missing)
S3 KeyIso (CNG Key Isolation) - c:\windows\system32\lsass.exe (file missing)
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing)
S3 NBService - c:\program files (x86)\nero\nero 7\nero backitup\nbservice.exe
S3 Netlogon - c:\windows\system32\lsass.exe (file missing)
S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe (file missing)
S3 SNMPTRAP (SNMP Trap) - c:\windows\system32\snmptrap.exe (file missing)
S3 SolidWorks Licensing Service - "c:\program files (x86)\common files\solidworks shared\service\solidworkslicensing.exe"
S3 UI0Detect (Interactive Services Detection) - c:\windows\system32\ui0detect.exe (file missing)
S3 vds (Virtual Disk) - c:\windows\system32\vds.exe (file missing)
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe (file missing)
S3 wbengine (Block Level Backup Engine Service) - "c:\windows\system32\wbengine.exe" (file missing)
S3 wmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)

-- Device Manager: Disabled ----------------------------------------------------

Class GUID:
Description: Camera
Device ID: USB\VID_046D&PID_092B\5&C3E0C06&0&1
Manufacturer:
Name: Camera
PNP Device ID: USB\VID_046D&PID_092B\5&C3E0C06&0&1
Service:

-- Scheduled Tasks -------------------------------------------------------------

2008-07-25 13:40:04 446 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{34CDC99C-4BC5-4870-A0F8-8F7DA7F22A9F}.job

-- Files created between 2008-06-25 and 2008-07-25 -----------------------------

2008-07-23 16:18:48 0 d-------- C:\Program Files (x86)\DWGeditor
2008-07-23 16:17:10 0 d-------- C:\Program Files (x86)\SolidWorks Installation Manager
2008-07-23 15:23:02 0 d-------- C:\Program Files (x86)\Common Files\eDrawings2007
2008-07-23 15:18:53 0 d-------- C:\Program Files (x86)\Common Files\SolidWorks Shared
2008-07-23 15:18:33 0 d-------- C:\Program Files (x86)\SolidWorks
2008-07-23 15:18:33 0 d-------- C:\Program Files (x86)\Common Files\Solidworks Data
2008-07-22 21:37:27 0 d-------- C:\Users\Justin Kahl\.housecall6.6
2008-07-22 13:30:12 0 d-------- C:\Windows\Sun
2008-07-22 05:44:52 0 d-------- C:\Program Files (x86)\Trend Micro
2008-07-22 05:41:36 0 dr------- C:\Users\Justin Kahl\Searches
2008-07-08 13:35:01 0 d--h----- C:\$AVG8.VAULT$
2008-07-05 18:18:14 0 d-------- C:\Program Files (x86)\AVG
2008-07-05 18:18:13 0 d-------- C:\Users\All Users\avg8
2008-07-04 17:44:45 0 d-------- C:\Users\All Users\LogiShrd

-- Find3M Report ---------------------------------------------------------------

2008-07-25 22:09:37 3141 --a------ C:\Windows\bthservsdp.dat
2008-07-25 14:02:16 0 d-------- C:\Program Files (x86)\CyberLink
2008-07-23 22:42:42 0 d-------- C:\Users\Justin Kahl\AppData\Roaming\SolidWorks
2008-07-23 17:11:41 0 d-------- C:\Users\Justin Kahl\AppData\Roaming\SolidWorksNewsReader
2008-07-23 16:29:36 0 d-------- C:\Users\Justin Kahl\AppData\Roaming\sldIM
2008-07-23 16:21:42 0 d-------- C:\Program Files (x86)\Common Files\InstallShield
2008-07-23 16:19:39 0 d-------- C:\Users\Justin Kahl\AppData\Roaming\DWGeditor
2008-07-23 15:23:02 0 d-------- C:\Program Files (x86)\Common Files
2008-07-22 21:31:20 0 d-------- C:\Program Files (x86)\Java
2008-07-22 17:23:08 0 d-------- C:\Program Files (x86)\Winamp
2008-07-22 06:11:27 0 d-------- C:\Program Files (x86)\QuickTime
2008-07-21 14:07:51 0 d-------- C:\Program Files (x86)\FLAC
2008-07-09 12:39:20 174 --ahs---- C:\Program Files (x86)\desktop.ini
2008-07-09 12:02:00 0 d-------- C:\Program Files (x86)\Windows Mail
2008-07-04 17:43:30 0 d-------- C:\Program Files (x86)\Winamp Remote
2008-07-04 00:55:20 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2008-06-27 09:02:09 0 d-------- C:\Users\Justin Kahl\AppData\Roaming\U3
2008-06-10 13:23:20 0 d-------- C:\Users\Justin Kahl\AppData\Roaming\Winamp
2008-06-02 17:44:51 0 d-------- C:\Program Files (x86)\AudioConverter Studio
2008-06-01 22:55:05 0 d-------- C:\Program Files (x86)\PowerISO
2008-05-12 20:16:37 2543 --a------ C:\Windows\unins000.dat
2008-05-12 20:15:40 691545 --a------ C:\Windows\unins000.exe
2008-05-09 02:04:36 26311 --a------ C:\Users\Justin Kahl\AppData\Roaming\UserTile.png
2008-05-09 01:48:06 155648 --a------ C:\Windows\system32\WMIMPLEX.dll
2008-05-09 01:48:06 36864 --a------ C:\Windows\system32\maplec.dll

-- Registry Dump ---------------------------------------------------------------

-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com

8733 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-07-25 22:32:26 ------------