Thread: My DSS log
View Single Post
Old 04-22-2007, 10:07 PM   #2 (permalink)
The Arto
Registered User
 
The Arto's Avatar
 
Join Date: Apr 2007
Posts: 29
OS: xp


My DSS log
Hey guys...I completed all of the 5 steps. My problem exist with endless pop-ups and outer info and my computer running incredibly slow. Like I said, I've done the 5 steps before posting this and hope you can help finish fixing this. During the Panda/Activescan it found and disinfected 3 viruses: Virus:Trj/Downloader.NYN, Virus:Trj/Cimuz.EN, and Virus:Trj/Kazlite.A. I hope this is enough info to help you help me. THank you in advance...your help is much appreciated becuase I don't want to get a new comp over this.

Branden

here is the contents of the main.txt from my DSS scan:

Deckard's System Scanner v20070411.38
Run by Owner on 2007-04-22 at 22:50:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
70: 2007-04-23 03:50:35 UTC - RP1043 - Deckard's System Scanner Restore Point
69: 2007-04-23 03:47:25 UTC - RP1042 - Software Distribution Service 2.0
68: 2007-04-23 00:58:30 UTC - RP1041 - Installed Ad-Aware SE Personal
67: 2007-04-22 02:17:47 UTC - RP1040 - Removed pressplay
66: 2007-04-21 13:40:34 UTC - RP1039 - System Checkpoint


-- First Restore Point --
1: 2007-01-23 23:33:19 UTC - RP974 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 10:53:04 PM, on 4/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\PopUp Killer\PopUpKiller.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINNT\updater.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINNT\DOBE~1\dvdplay.exe
C:\WINNT\?ystem\n?pdb.exe
C:\Program Files\Ipwindows\ipwins.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\wscntfy.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINNT\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Owner.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINNT\system32\uirlrffw.dll
O2 - BHO: (no name) - {3F9D0C61-737D-44D1-BD80-91AF857061CC} - C:\WINNT\system32\cbxyaab.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {659CF94F-108F-6425-F24F-1AE33AE4FE9C} - C:\WINNT\system32\aochsz.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7786EF98-6143-4274-97D8-D8AA4059DA46} - C:\WINNT\system32\vtsqr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CC46F77B-FD92-46AC-ADDF-8B4CE70E0EE7} - C:\WINNT\system32\vklnwaim.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\PopUpKiller.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [xloadnet] "C:\Program Files\xloadnet\xloadnet.exe"
O4 - HKLM\..\Run: [runner1] C:\WINNT\updater.exe 61A847B5BBF72810329B385473F001F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Ltho] "C:\WINNT\DOBE~1\dvdplay.exe" -vt yazb
O4 - HKCU\..\Run: [Pqdmwmrx] C:\WINNT\?ystem\n?pdb.exe
O4 - HKCU\..\Run: [IpWins] C:\Program Files\Ipwindows\ipwins.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.sxload.net (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: cbxyaab - C:\WINNT\SYSTEM32\cbxyaab.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: vtsqr - C:\WINNT\system32\vtsqr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 Cdr4_xp - c:\winnt\system32\drivers\cdr4_xp.sys
R1 Cdralw2k - c:\winnt\system32\drivers\cdralw2k.sys
R1 cdudf_xp - c:\winnt\system32\drivers\cdudf_xp.sys
R1 pwd_2k - c:\winnt\system32\drivers\pwd_2k.sys
R1 Sk9920nt (PS/2 Keyboard Filter Driver for NT 4.0) - c:\winnt\system32\drivers\sk9920nt.sys
R1 UdfReadr_xp - c:\winnt\system32\drivers\udfreadr_xp.sys
R2 ASCTRM - c:\winnt\system32\drivers\asctrm.sys
R3 aeaudio - c:\winnt\system32\drivers\aeaudio.sys
R3 GTWModem (GTW V.92 Voicemodem) - c:\winnt\system32\drivers\gwmdm.sys
R3 ialm - c:\winnt\system32\drivers\ialmnt5.sys
R3 mmc_2K - c:\winnt\system32\drivers\mmc_2k.sys
R3 MODEMCSA (Unimodem Streaming Filter Device) - c:\winnt\system32\drivers\modemcsa.sys
R3 Sk99202k (PS/2 Keyboard Filter Driver for Win2000) - c:\winnt\system32\drivers\sk99202k.sys
R3 smwdm - c:\winnt\system32\drivers\smwdm.sys

S3 ac97intc (Intel(r) 82801 Audio Driver Install Service (WDM)) - c:\winnt\system32\drivers\ac97intc.sys
S3 BCMModem (BCM V.90 56K Modem) - c:\winnt\system32\drivers\bcmdm.sys
S3 dvd_2K - c:\winnt\system32\drivers\dvd_2k.sys
S3 PCDRDRV (Pcdr Helper Driver) - c:\atf\qctest\pcdoc\pcdrdrv.sys (file missing)
S3 WpdUsb - c:\winnt\system32\drivers\wpdusb.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 spupdsvc (Windows Service Pack Installer update service) - c:\winnt\system32\spupdsvc.exe


-- Scheduled Tasks -------------------------------------------------------------

2007-04-22 22:53:00 364 --a------ C:\WINNT\Tasks\Symantec NetDetect.job<SYMANT~1.JOB>
2007-04-20 20:00:00 464 --a------ C:\WINNT\Tasks\Norton AntiVirus - Scan my computer.job<NORTON~1.JOB>
2007-04-16 2100 284 --a------ C:\WINNT\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>


-- Files created between 2007-03-22 and 2007-04-22 -----------------------------

2007-04-22 22:26:58 21312 --a------ C:\WINNT\choice.exe
2007-04-22 22:26:29 0 d-------- C:\ie-spyad
2007-04-22 22:21:10 0 d-------- C:\Program Files\SpywareGuard<SPYWAR~2>
2007-04-22 22:13:06 0 d-------- C:\Program Files\SpywareBlaster<SPYWAR~1>
2007-04-22 20:44:36 0 d-------- C:\WINNT\system32\ActiveScan<ACTIVE~1>
2007-04-22 20:44:24 0 d-------- C:\WINNT\LastGood
2007-04-22 19:59:29 0 d-------- C:\Documents and Settings\Owner\Application Data\Lavasoft
2007-04-22 19:58:41 0 d-------- C:\Program Files\Lavasoft
2007-04-22 19:57:25 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-04-22 19:16:01 123972 --a------ C:\WINNT\system32\wieyuvyi.dll
2007-04-22 18:50:25 0 d-------- C:\Program Files\Outerinfo<OUTERI~1>
2007-04-22 18:50:15 60928 --a------ C:\WINNT\system32\aochsz.dll
2007-04-22 09:02:41 0 d-------- C:\Program Files\Ipwindows<IPWIND~1>
2007-04-21 19:14:50 123972 --a------ C:\WINNT\system32\lcvijrkg.dll
2007-04-21 10:17:41 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-04-21 04:32:34 44544 -ra------ C:\WINNT\updater.exe
2007-04-20 19:14:33 123972 --a------ C:\WINNT\system32\hckbniif.dll
2007-04-20 19:14:30 1386433 ---hs---- C:\WINNT\system32\rqstv.bak2<RQSTV~2.BAK>
2007-04-20 07:11:38 76412 --a------ C:\WINNT\system32\gmnsnyov.dll
2007-04-20 07:11:33 49204 --a------ C:\WINNT\system32\uirlrffw.dll
2007-04-20 07:11:28 125460 --a------ C:\WINNT\system32\vklnwaim.dll
2007-04-20 07:11:10 123972 --a------ C:\WINNT\system32\vfntubfv.dll
2007-04-20 07:10:23 1373003 ---hs---- C:\WINNT\system32\rqstv.bak1<RQSTV~1.BAK>
2007-04-20 07:08:47 281172 ---hs---- C:\WINNT\system32\vtsqr.dll
2007-04-20 07:03:40 0 d-------- C:\Program Files\InetGet2
2007-04-20 07:01:12 2 --a------ C:\WINNT\system32\wnsapiicomsv32.exe<WNSAPI~1.EXE>
2007-04-20 07:00:31 40183 ---hs---- C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe<YAZZLE~2.EXE>
2007-04-20 07:00:25 0 d-------- C:\WINNT\?dobe
2007-04-20 07:00:07 26694 --a------ C:\WINNT\system32\cbxyaab.dll
2007-04-20 06:55:58 32768 --a------ C:\WINNT\system32\a.exe
2007-04-02 14:10:40 146432 ---hs---- C:\Program Files\Common Files\Yazzle1281OinAdmin.exe<YAZZLE~1.EXE>


-- Find3M Report ---------------------------------------------------------------

2007-04-22 21:39:04 0 d-------- C:\Program Files\Winamp
2007-04-22 21:35:35 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-04-22 21:32:32 0 d-------- C:\Program Files\PopUp Killer<POPUPK~1>
2007-04-22 21:29:45 0 d-------- C:\Program Files\Norton AntiVirus<NORTON~1>
2007-04-22 21:27:20 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-04-22 21:19:26 0 d-------- C:\Program Files\Google
2007-04-22 21:18:43 0 d-------- C:\Program Files\Dell AIO Printer A920<DELLAI~1>
2007-04-22 21:17:58 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-04-22 19:19:42 0 d-------- C:\Program Files\WildTangent<WILDTA~1>
2007-04-22 19:15:02 0 d-------- C:\Program Files\Viewpoint<VIEWPO~1>
2007-04-21 21:18:01 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-04-19 12:24:16 0 d-------- C:\Program Files\Gerge
2007-04-17 12:53:05 0 d-------- C:\Program Files\Java
2007-04-14 15:10:19 0 d-------- C:\Documents and Settings\Owner\Application Data\U3
2007-04-13 11:00:50 0 d---s---- C:\Documents and Settings\Owner\Application Data\Microsoft<MICROS~1>
2007-03-28 17:32:38 0 d-------- C:\Program Files\Full Tilt Poker.Net<FULLTI~1.NET>
2007-03-24 20:28:34 0 d-------- C:\Program Files\PartyGaming<PARTYG~1>
2007-03-17 08:43:01 292864 --a------ C:\WINNT\system32\winsrv.dll
2007-03-15 09:08:13 101438 --a------ C:\WINNT\b122.exe
2007-03-08 10:36:28 577536 --a------ C:\WINNT\system32\user32.dll
2007-03-08 10:36:28 40960 --a------ C:\WINNT\system32\mf3216.dll
2007-03-08 10:36:28 281600 --a------ C:\WINNT\system32\gdi32.dll
2007-03-08 08:47:48 1843584 --a------ C:\WINNT\system32\win32k.sys
2007-02-05 15:17:02 185344 --a------ C:\WINNT\system32\upnphost.dll


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"Ltho"="\"C:\\WINNT\\DOBE~1\\dvdplay.exe\" -vt yazb"
"Pqdmwmrx"="C:\\WINNT\\?ystem\\n?pdb.exe"
"IpWins"="C:\\Program Files\\Ipwindows\\ipwins.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Hot Key Kbd 9910 Daemon"="SK9910DM.EXE"
"GWMDMMSG"="GWMDMMSG.exe"
"IgfxTray"="C:\\WINNT\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINNT\\System32\\hkcmd.exe"
"Keyboard Preload Check"="C:\\OEMDRVRS\\KEYB\\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:\"Keyboard Preload Check\""
"GWMDMpi"="C:\\WINNT\\GWMDMpi.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"ccRegVfy"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe\""
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"PopUpKiller"="C:\\Program Files\\PopUp Killer\\PopUpKiller.EXE"
"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"Dell AIO Printer A920"="\"C:\\Program Files\\Dell AIO Printer A920\\dlbkbmgr.exe\""
"xloadnet"="\"C:\\Program Files\\xloadnet\\xloadnet.exe\""
"runner1"="C:\\WINNT\\updater.exe 61A847B5BBF72810329B385473F001F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\InterVideo WinCinema Manager.lnk"
"backup"="C:\\WINNT\\pss\\InterVideo WinCinema Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\DVD\\Common\\Bin\\WINCIN~1.EXE "
"item"="InterVideo WinCinema Manager"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DirectCD"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\Program Files\\AIM95\\aim.exe -cnetwait.odl"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ares"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Ares\\Ares.exe\" -h"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Weather 3]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="The Weather Channel"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\THEWEA~1\\The Weather Channel.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iRiver Updater]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Updater"
"hkey"="HKLM"
"command"="C:\\Program Files\\iRiver\\iRiver Manager\\Updater\\Updater.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebRebates0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WebRebates0"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Web_Rebates\\WebRebates0.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="C:\\Program Files\\Winamp\\winampa.exe"
"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{3F9D0C61-737D-44D1-BD80-91AF857061CC}"=""
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxyaab
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqr

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of Deckard's System Scanner: finished at 2007-04-22 at 22:54:43 ---------
Attached Files
File Type: txt extra.txt (10.8 KB, 1 views)
The Arto is offline