Deckard's System Scanner v20071014.68
Run by Jamie on 2008-06-17 07:06:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
66: 2008-06-17 14:06:43 UTC - RP241 - Deckard's System Scanner Restore Point
65: 2008-06-17 10:00:27 UTC - RP240 - Software Distribution Service 3.0
64: 2008-06-17 07:27:52 UTC - RP239 - ComboFix created restore point
63: 2008-06-17 06:51:36 UTC - RP238 - ComboFix created restore point
62: 2008-06-16 10:00:36 UTC - RP237 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-04-10 00:31:51 UTC - RP176 - Software Distribution Service 3.0
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 503 MiB (512 MiB recommended).
-- HijackThis (run as Jamie.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:07:56 AM, on 6/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Documents and Settings\Jamie\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jamie.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) -
http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
--
End of file - 11261 bytes
-- File Associations -----------------------------------------------------------
.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
S3 catchme - c:\docume~1\jamie\locals~1\temp\catchme.sys (file missing)
S3 RimUsb (BlackBerry Device) - c:\windows\system32\drivers\rimusb.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 VzFw (VAIO Entertainment File Import Service) - c:\program files\common files\sony shared\vaio entertainment platform\vzcdb\vzfw.exe
R3 Vcsw (VAIO Entertainment UPnP Client Adapter) - c:\program files\common files\sony shared\vaio entertainment platform\vcsw\vcsw.exe -runbyscm
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-14 16:38:13 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2005-09-12 18:17:36 258 --a------ C:\WINDOWS\Tasks\Registration reminder 1.job
-- Files created between 2008-05-17 and 2008-06-17 -----------------------------
2008-06-17 01:11:47 0 d-------- C:\Documents and Settings\Jamie\Application Data\Malwarebytes
2008-06-17 01:11:45 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-17 01:11:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-17 00:32:22 166 --a------ C:\Start_.cmd
2008-06-16 23:51:11 68096 --a------ C:\WINDOWS\zip.exe
2008-06-16 23:51:11 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-16 23:51:11 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-16 23:51:11 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-16 23:51:11 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-16 23:51:11 98816 --a------ C:\WINDOWS\sed.exe
2008-06-16 23:51:11 80412 --a------ C:\WINDOWS\grep.exe
2008-06-16 23:51:11 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-16 22:46:42 0 d-------- C:\WINDOWS\ERUNT
2008-06-16 22:45:31 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-16 22:45:31 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-06-16 22:45:31 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sony Corporation
2008-06-16 22:45:31 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Intuit
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\InterMute
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-06-16 22:45:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-16 22:45:30 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-16 22:45:30 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-16 22:45:30 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-16 22:45:30 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-06-16 22:45:30 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-16 22:45:30 1048576 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-16 22:45:30 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-16 22:45:30 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-06-16 22:45:30 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-16 22:15:45 0 d-------- C:\Program Files\Trend Micro
2008-06-15 19:48:49 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-15 19:45:26 1693 --a------ C:\WINDOWS\system32\clbinit.dll
2008-06-15 16:24:56 0 d--h----- C:\$AVG8.VAULT$
2008-06-15 16:21:40 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-15 16:21:02 0 d-------- C:\Program Files\AVG
2008-06-15 16:21:00 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-15 12:33:32 0 d--hs---- C:\WINDOWS\ftpcache
2008-06-15 12:25:09 0 d-------- C:\WINDOWS\system32\netrax06
2008-06-15 10:08:11 0 d-------- C:\Documents and Settings\Jamie\Application Data\InterVideo
2008-06-15 08:22:19 0 d-------- C:\Documents and Settings\Jamie\Application Data\vlc
2008-06-15 08:19:51 0 d-------- C:\Program Files\VideoLAN
-- Find3M Report ---------------------------------------------------------------
2008-06-17 07:08:22 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-15 19:41:35 0 d-------- C:\Documents and Settings\Jamie\Application Data\Azureus
2008-06-15 17:45:05 0 d-------- C:\Program Files\altpayV2
2008-06-15 17:01:07 0 d-------- C:\Program Files\MediaPipe
2008-06-15 12:24:15 0 d-------- C:\Program Files\Common Files
2008-06-14 16:42:58 0 d-------- C:\Program Files\Azureus
2008-06-14 14:54:25 0 d-------- C:\Documents and Settings\Jamie\Application Data\Adobe
2008-06-14 14:29:23 0 d-------- C:\Documents and Settings\Jamie\Application Data\Image Zone Express
2008-06-14 13:57:13 0 d-------- C:\Documents and Settings\Jamie\Application Data\Sony Corporation
2008-05-30 17:02:17 0 d-------- C:\Program Files\Symantec
2008-04-27 08:49:44 0 d-------- C:\Program Files\Norton 360
2008-04-18 19:24:01 0 d-------- C:\Documents and Settings\Jamie\Application Data\Symantec
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [06/29/2004 07:06 AM C:\WINDOWS\AGRSMMSG.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [09/09/2004 10:10 PM]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [08/12/2004 06:45 PM C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" []
"SoundMan"="SOUNDMAN.EXE" [11/02/2004 03:53 PM C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [11/29/2004 03:00 PM C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [10/13/2004 05:00 PM C:\WINDOWS\ALCMTR.EXE]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [02/08/2005 11:36 AM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [02/08/2005 11:32 AM]
"VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [01/31/2005 11:10 AM]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [12/14/2004 09:07 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/13/2004 12:49 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/25/2006 04:58 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [10/30/2006 07:36 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [07/17/2007 06:54 PM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [01/29/2008 05:38 PM]
"webHancer Agent"="C:\Program Files\webHancer\Programs\whagent.exe" []
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [06/15/2008 04:21 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 09:24 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 4:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 4:50:52 PM]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [12/17/2002 6:23:32 PM]
SpySubtract.lnk - C:\Program Files\InterMute\SpySubtract\SpySub.exe [3/7/2005 5:47:53 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytools"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys]
@="driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD_Reminder]
C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]
"C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
*Newly Created Service* - COMHOST
-- End of Deckard's System Scanner: finished at 2008-06-17 07:09:30 ------------