Thread: System Doctor 2006
View Single Post
Old 04-21-2007, 10:07 PM   #4 (permalink)
Tayrsdad
Registered User
 
Join Date: Apr 2007
Posts: 20
OS: XP


Re: System Doctor 2006
System Scanner Log:

Deckard's System Scanner v20070411.38
Run by Todd on 2007-04-21 at 21:47:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 3 Restore Point(s) --
3: 2007-04-22 03:47:14 UTC - RP3 - Deckard's System Scanner Restore Point
2: 2007-04-21 17:58:26 UTC - RP2 - System Checkpoint
1: 2007-04-19 00:54:50 UTC - RP1 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Todd.exe) ------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 9:48:40 PM, on 4/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\system32\lexpps.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Documents and Settings\Todd\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Todd.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/landingpag...stempopup=true (obfuscated)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Big Shot Roulette TM by pogo - http://game1.pogo.com/applet-6.9.1.3...ette-en_US.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.9.4.4...jack-en_US.cab
O16 - DPF: Blackjack Carnival by pogo - http://game1.pogo.com/applet-6.8.4.5...ack2-en_US.cab
O16 - DPF: Blooop by pogo - http://game1.pogo.com/applet-6.9.4.4...cade-en_US.cab
O16 - DPF: ConferenceRoom Java Client - http://chat.strictlyhosting.com:8080/java/cr.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.9.1.3...chre-en_US.cab
O16 - DPF: Hangman Hijinks by pogo - http://game1.pogo.com/applet-6.9.2.2...gman-en_US.cab
O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.9.1.3...oker-en_US.cab
O16 - DPF: Hog Heaven Slots by pogo - http://game1.pogo.com/applet-6.9.2.2...ancy-en_US.cab
O16 - DPF: Lost Temple Poker by pogo - http://game1.pogo.com/applet-6.9.2.3...oker-en_US.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-8.0.0.2...ong2-en_US.cab
O16 - DPF: Makeover Madness by pogo - http://game1.pogo.com/applet-6.9.3.4...hoes-en_US.cab
O16 - DPF: Payday Freecell Solitaire by pogo - http://game1.pogo.com/applet-6.9.4.4...ell2-en_US.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.9.2.2...heel-en_US.cab
O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-6.9.2.4...puck-en_US.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.8.4.5...hies-en_US.cab
O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.9.4.4...bee2-en_US.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.9.3.2...lass-en_US.cab
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - file://C:\install.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/...6/mcinsctl.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe


-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------

backup-20070421-110158-608 O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/files...reeInstall.cab

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 agp440 (Intel AGP Bus Filter) - c:\windows\\systemroot\system32\drivers\agp440.sys (file missing)
R1 Cdr4_xp - c:\windows\system32\drivers\cdr4_xp.sys
R1 Cdralw2k - c:\windows\system32\drivers\cdralw2k.sys
R1 cdudf_xp - c:\windows\system32\drivers\cdudf_xp.sys
R1 MPFP - c:\windows\system32\drivers\mpfp.sys
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys
R1 pwd_2k - c:\windows\system32\drivers\pwd_2k.sys
R1 UdfReadr_xp - c:\windows\system32\drivers\udfreadr_xp.sys
R2 dsunidrv (DellSupport UniDriver) - c:\windows\system32\drivers\dsunidrv.sys
R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys
R2 PfModNT - c:\windows\system32\pfmodnt.sys
R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys
R3 HSF_DP - c:\windows\system32\drivers\hsf_dp.sys
R3 HSFHWBS2 - c:\windows\system32\drivers\hsfhwbs2.sys
R3 mmc_2K - c:\windows\system32\drivers\mmc_2k.sys
R3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys
R3 P16X (Creative SB Live! Series (WDM)) - c:\windows\system32\drivers\p16x.sys
R3 smwdm - c:\windows\system32\drivers\smwdm.sys
R3 winachsf - c:\windows\system32\drivers\hsf_cnxt.sys

S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys
S3 dvd_2K - c:\windows\system32\drivers\dvd_2k.sys
S3 EL90XBC (3Com EtherLink XL 90XB/C Adapter Driver) - c:\windows\system32\drivers\el90xbc5.sys
S3 i81x - c:\windows\system32\drivers\i81xnt5.sys
S3 iAimFP0 - c:\windows\system32\drivers\wadv01nt.sys
S3 iAimFP1 - c:\windows\system32\drivers\wadv02nt.sys
S3 iAimFP2 - c:\windows\system32\drivers\wadv05nt.sys
S3 iAimFP3 - c:\windows\system32\drivers\wsiintxx.sys
S3 iAimFP4 - c:\windows\system32\drivers\wvchntxx.sys
S3 iAimTV0 - c:\windows\system32\drivers\watv01nt.sys
S3 iAimTV1 - c:\windows\system32\drivers\watv02nt.sys
S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 iAimTV3 - c:\windows\system32\drivers\watv04nt.sys
S3 iAimTV4 - c:\windows\system32\drivers\wch7xxnt.sys
S4 cbidf - c:\windows\system32\drivers\cbidf2k.sys
S4 dac2w2k - c:\windows\system32\drivers\dac2w2k.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe"


-- Scheduled Tasks -------------------------------------------------------------

2007-03-30 23:46:04 280 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>
2007-02-14 16:54:03 348 --a------ C:\WINDOWS\Tasks\McDefragTask.job<MCDEFR~1.JOB>


-- Files created between 2007-03-21 and 2007-04-21 -----------------------------

2007-04-21 10:53:12 79360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-04-21 10:53:12 40960 --a------ C:\WINDOWS\system32\swsc.exe
2007-04-21 10:53:12 135168 --a------ C:\WINDOWS\system32\swreg.exe
2007-04-21 10:53:12 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-04-21 10:53:12 53248 --a------ C:\WINDOWS\system32\Process.exe
2007-04-21 10:53:12 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-04-21 01:51:03 0 d-------- C:\hijackthis<HIJACK~1>
2007-04-18 17:31:31 1688 --a------ C:\WINDOWS\system32\tmp.reg
2007-04-18 17:31:28 0 d--h----- C:\WINDOWS\PIF
2007-04-18 01:20:13 0 d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-04-18 01:19:20 1048576 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-04-17 20:59:24 0 d-------- C:\Program Files\Video AX Object<VIDEOA~1>
2007-04-10 10:10:15 0 d-------- C:\Program Files\DellSupport<DELLSU~1>


-- Find3M Report ---------------------------------------------------------------

2007-04-11 0914 7680 --a-s---- C:\WINDOWS\system32\yuspej.dll
2007-04-10 10:10:42 0 d--h----- C:\Documents and Settings\Todd\Application Data\Gtek
2007-04-03 20:22:27 0 d-------- C:\Documents and Settings\Todd\Application Data\IGN_DLM
2007-03-24 15:27:02 21840 --a----ct C:\WINDOWS\system32\SIntfNT.dll
2007-03-24 15:27:02 17212 --a----ct C:\WINDOWS\system32\SIntf32.dll
2007-03-24 15:27:01 12067 --a----ct C:\WINDOWS\system32\SIntf16.dll
2007-03-22 21:24:13 0 d-------- C:\Program Files\McAfee
2007-03-21 22:39:21 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-03-21 21:39:59 0 d-------- C:\Program Files\Winamp
2007-03-19 20:40:39 0 d-------- C:\Program Files\iTunes
2007-03-19 20:40:32 0 d-------- C:\Program Files\iPod
2007-03-19 17:10:08 0 d-------- C:\Program Files\Webshots
2007-03-17 07:43:01 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-15 12:23:16 497496 --a------ C:\WINDOWS\system32\XceedZip.dll
2007-03-15 12:19:58 526184 --a------ C:\WINDOWS\system32\XceedCry.dll
2007-03-08 21:56:33 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-03-08 09:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 09:36:28 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 09:36:28 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 07:47:48 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-05 14:17:02 185344 --a------ C:\WINDOWS\system32\upnphost.dll


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Logitech Utility"="Logi_MwX.Exe"
"Lexmark X1100 Series"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\ATI CATALYST System Tray.lnk"
"backup"="C:\\WINDOWS\\pss\\ATI CATALYST System Tray.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\ATITEC~1\\ATI.ACE\\CLI.exe SystemTray"
"item"="ATI CATALYST System Tray"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Digital Line Detect.lnk"
"backup"="C:\\WINDOWS\\pss\\Digital Line Detect.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\DIGITA~1\\DLG.exe "
"item"="Digital Line Detect"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Planner Reminders Tray Icon.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Event Planner Reminders Tray Icon.lnk"
"backup"="C:\\WINDOWS\\pss\\Event Planner Reminders Tray Icon.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Sierra\\Planner\\Plnrnote.exe "
"item"="Event Planner Reminders Tray Icon"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Kodak EasyShare software.lnk"
"backup"="C:\\WINDOWS\\pss\\Kodak EasyShare software.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Kodak\\KODAKE~1\\bin\\EASYSH~1.EXE -hx"
"item"="Kodak EasyShare software"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MiniMavis.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\MiniMavis.lnk"
"backup"="C:\\WINDOWS\\pss\\MiniMavis.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\BRODER~1\\MAVISB~1\\MINIMA~1.EXE Main"
"item"="MiniMavis"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DirectCD"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CLIStart"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="atiptaxx"
"hkey"="HKLM"
"command"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\diagent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="diagent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Creative\\SBLive\\Diagnostics\\diagent.exe\" startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WkUFind"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mnyexpr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Microsoft Money\\System\\mnyexpr.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsgCenterExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealOneMessageCenter"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\RealOneMessageCenter.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_03\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeUpdateManager"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=dword:00000003
"Ati HotKey Poller"=dword:00000002
"KodakCCS"=dword:00000003
"ATI Smart"=dword:00000002
"iPod Service"=dword:00000003
"WMPNetworkSvc"=dword:00000003


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{3baa1ad8-ee49-4772-bf0b-f55083e0f7aa}"="ephemeran"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=""
"NoCDBurning"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"=dword:00000000
"Btn_Search"=dword:00000000
"NoBandCustomize"=dword:00000000
"NoToolbarCustomize"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of Deckard's System Scanner: finished at 2007-04-21 at 21:49:07 ---------
Attached Files
File Type: txt extra.txt (17.7 KB, 1 views)
Tayrsdad is offline