Deckard's System Scanner v20071014.68 Run by Linda Hall on 2008-01-28 07:28:01 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 89: 2008-01-28 12:29:11 UTC - RP499 - Deckard's System Scanner Restore Point 88: 2008-01-21 17:48:32 UTC - RP498 - System Checkpoint 87: 2008-01-19 15:43:34 UTC - RP497 - System Checkpoint 86: 2008-01-18 14:43:34 UTC - RP496 - System Checkpoint 85: 2008-01-17 13:43:35 UTC - RP495 - System Checkpoint -- First Restore Point -- 1: 2007-10-24 20:46:20 UTC - RP411 - System Checkpoint Backed up registry hives. Performed disk cleanup. [color=red]Percentage of Memory in Use: 76% (more than 75%).[/color] [color=red]Total Physical Memory: 255 MiB (512 MiB recommended).[/color] -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-01-28 07:32:24 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\SYSTEM32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\SYSTEM32\services.exe C:\WINDOWS\SYSTEM32\lsass.exe C:\WINDOWS\SYSTEM32\svchost.exe C:\WINDOWS\SYSTEM32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\SYSTEM32\spoolsv.exe C:\WINDOWS\SYSTEM32\$sys$filesystem\$sys$DRMServer.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\CDProxyServ.exe C:\WINDOWS\SYSTEM32\CTsvcCDA.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\explorer.exe C:\WINDOWS\SYSTEM32\nvsvc32.exe C:\WINDOWS\SYSTEM32\svchost.exe C:\Program Files\Video Add-on\icthis.exe C:\Program Files\Video Add-on\isfmntr.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Video Add-on\icmntr.exe C:\WINDOWS\SYSTEM32\ctfmon.exe C:\Program Files\Video Add-on\isfmm.exe C:\WINDOWS\SYSTEM32\rundll32.exe C:\WINDOWS\SYSTEM32\msiexec.exe C:\Program Files\Video Add-on\isfmm.exe F:\Cleaning tools\dss.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBHO.dll O2 - BHO: (no name) - {21ECA600-72B5-4E66-BB2E-573C92CBD8D6} - C:\Program Files\Video Add-on\isfmdl.dll O2 - BHO: {b4f89efb-1884-91ab-38b4-850812e94dd2} - {2dd49e21-8058-4b83-ba19-4881bfe98f4b} - C:\WINDOWS\system32\ispkcqlb.dll (file missing) O2 - BHO: (no name) - {4583C29A-0573-4634-A597-0091F9011CC1} - C:\WINDOWS\system32\iypxdnlr.dll (file missing) O2 - BHO: 0 - {54BEC793-1168-40AA-BCB3-35942D9D7455} - C:\Program Files\ComPlus Applications\vikixe171.dll (file missing) O2 - BHO: (no name) - {6d8b4d4c-d670-4ef0-9c80-9d14780232fc} - C:\WINDOWS\system32\dmldit.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7B4880CD-8DA9-4976-AEAB-855D14B241ED} - C:\WINDOWS\inf\ilbidsk.dll (file missing) O2 - BHO: DeskalertsBHO - {A3C4A35F-2E92-4539-8F7F-5A0117F914A3} - C:\Program Files\DeskAlerts\deskbar.dll (file missing) O2 - BHO: (no name) - {C473B33C-E0CF-4F5F-B69B-429F92D15235} - C:\WINDOWS\system32\iypxdnlr.dll (file missing) O2 - BHO: (no name) - {E7C6E6CA-279B-4FE8-9A31-6B7F1FE89BE5} - C:\WINDOWS\SYSTEM32\ssqpn.dll O2 - BHO: (no name) - {E99FAB2B-3BB0-4A4F-EE54-37761E6003C9} - C:\WINDOWS\system32\bcdxkbd.dll (file missing) O2 - BHO: (no name) - {EA9FAB29-3BC3-3F4B-EE2B-4F76626903CC} - C:\WINDOWS\system32\bcdxkbd.dll (file missing) O2 - BHO: (no name) - {EC95A57E-6DCB-394D-E52B-4F76626902C2} - C:\WINDOWS\system32\ipf.dll (file missing) O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8685CC} - C:\Program Files\Helper\1201009972.dll O2 - BHO: (no name) - {F7AB9D71-FF48-4F95-A14F-FCFB685E0AA2} - C:\WINDOWS\system32\iypxdnlr.dll (file missing) O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing) O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing) O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL O20 - Winlogon Notify: dmldit - C:\WINDOWS\system32\dmldit.dll (file missing) O20 - Winlogon Notify: khfeecd - C:\WINDOWS\system32\khfeecd.dll (file missing) O20 - Winlogon Notify: mnapqmtl - C:\WINDOWS\system32\mnapqmtl.dll (file missing) O20 - Winlogon Notify: ssqpn - C:\WINDOWS\SYSTEM32\ssqpn.dll O20 - Winlogon Notify: vturo - C:\WINDOWS\system32\vturo.dll (file missing) O22 - SharedTaskScheduler: aposiopetic - {91316323-2ad5-4794-9589-52a2eaa60a68} - C:\WINDOWS\SYSTEM32\shlahsd.dll O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - First 4 Internet Ltd - C:\WINDOWS\SYSTEM32\$sys$filesystem\$sys$DRMServer.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\SYSTEM32\CTsvcCDA.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\nvsvc32.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O24 - Desktop Component 0: - C:\Program Files\ComPlus Applications\zysoma.html -- End of file - 7479 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 $sys$cor - c:\windows\system32\drivers\$sys$cor.sys R1 $sys$crater - c:\windows\system32\$sys$filesystem\crater.sys R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys S3 o1394bul - c:\documents and settings\taylor\local settings\temp\o1394bul.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 $sys$DRMServer (Plug and Play Device Manager) - c:\windows\system32\$sys$filesystem\$sys$drmserver.exe R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" R2 CD_Proxy (XCP CD Proxy) - c:\windows\cdproxyserv.exe S2 cmdService (Command Service) - S2 DomainService - S2 Network Monitor - -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-01-22 03:30:00 436 --a------ C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job 2008-01-17 16:57:26 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2007-12-28 and 2008-01-28 ----------------------------- 2008-01-28 07:09:22 185686 ---hs---- C:\WINDOWS\system32\npqss.ini2 2008-01-28 07:01:18 0 dr-h----- C:\Documents and Settings\Linda Hall\Recent 2008-01-22 12:21:13 0 d-------- C:\Program Files\Norton 360 2008-01-22 12:17:35 0 d-------- C:\Program Files\Symantec 2008-01-22 12:17:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec 2008-01-22 12:16:42 0 d-------- C:\Program Files\Common Files\Symantec Shared 2008-01-22 11:34:12 89664 --a------ C:\WINDOWS\system32\wgyjfxom.dll 2008-01-22 08:53:14 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-01-22 08:53:10 0 d-------- C:\Program Files\VirusProtect 3.9 2008-01-22 08:52:52 0 d-------- C:\Program Files\Helper 2008-01-22 08:52:38 0 d-------- C:\Program Files\Video Add-on 2008-01-18 18:49:26 88128 --a------ C:\WINDOWS\system32\toqtuahu.dll -- Find3M Report --------------------------------------------------------------- 2008-01-27 20:50:55 183608 --ahs---- C:\WINDOWS\system32\npqss.bak1 2008-01-27 20:50:41 183608 --ahs---- C:\WINDOWS\system32\npqss.bak2 2008-01-22 12:21:02 0 d-------- C:\Program Files\Common Files 2008-01-22 11:42:20 0 d-------- C:\Program Files\LimeWire 2008-01-22 08:52:43 13312 --a-s---- C:\WINDOWS\system32\shlahsd.dll 2008-01-18 14:47:11 0 d-------- C:\Documents and Settings\Linda Hall\Application Data\LimeWire 2007-12-26 12:34:02 0 d-------- C:\Documents and Settings\Linda Hall\Application Data\Adobe 2007-12-11 06:57:27 0 d-------- C:\Program Files\WinPop 2007-12-11 06:57:26 0 d-------- C:\Program Files\Windows NT 2007-12-02 16:58:07 932 --a------ C:\WINDOWS\system32\winpfz32.sys 2007-11-30 19:04:53 0 d-------- C:\Documents and Settings\Linda Hall\Application Data\Skype 2007-11-03 15:31:06 87616 --a------ C:\WINDOWS\system32\etkhbygb.dll -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21ECA600-72B5-4E66-BB2E-573C92CBD8D6}] 01/28/2008 06:55 AM 11776 --a------ C:\Program Files\Video Add-on\isfmdl.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2dd49e21-8058-4b83-ba19-4881bfe98f4b}] C:\WINDOWS\system32\ispkcqlb.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4583C29A-0573-4634-A597-0091F9011CC1}] C:\WINDOWS\system32\iypxdnlr.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54BEC793-1168-40AA-BCB3-35942D9D7455}] C:\Program Files\ComPlus Applications\vikixe171.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d8b4d4c-d670-4ef0-9c80-9d14780232fc}] C:\WINDOWS\system32\dmldit.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B4880CD-8DA9-4976-AEAB-855D14B241ED}] C:\WINDOWS\inf\ilbidsk.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3C4A35F-2E92-4539-8F7F-5A0117F914A3}] C:\Program Files\DeskAlerts\deskbar.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C473B33C-E0CF-4F5F-B69B-429F92D15235}] C:\WINDOWS\system32\iypxdnlr.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7C6E6CA-279B-4FE8-9A31-6B7F1FE89BE5}] 08/12/2007 05:58 PM 231520 --a------ C:\WINDOWS\system32\ssqpn.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E99FAB2B-3BB0-4A4F-EE54-37761E6003C9}] C:\WINDOWS\system32\bcdxkbd.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EA9FAB29-3BC3-3F4B-EE2B-4F76626903CC}] C:\WINDOWS\system32\bcdxkbd.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EC95A57E-6DCB-394D-E52B-4F76626902C2}] C:\WINDOWS\system32\ipf.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F10587E9-0E47-4CBE-84AE-7DD20B8685CC}] 01/22/2008 08:52 AM 15872 --a------ C:\Program Files\Helper\1201009972.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F7AB9D71-FF48-4F95-A14F-FCFB685E0AA2}] C:\WINDOWS\system32\iypxdnlr.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{821F87FF-8245-4972-9E28-732E92EC2F51}"= C:\Program Files\VSToolbar\VSToolBar.dll [ ] "{C4DFA6F3-1245-41E5-8E60-7D31427F01B3}"= C:\Program Files\Video Add-on\ictmdl.dll [01/22/2008 08:52 AM 73728] [-HKEY_CLASSES_ROOT\CLSID\{821F87FF-8245-4972-9E28-732E92EC2F51}] [-HKEY_CLASSES_ROOT\CLSID\{C4DFA6F3-1245-41E5-8E60-7D31427F01B3}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [07/17/2007 08:54 PM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM] C:\Documents and Settings\Linda Hall\Start Menu\Programs\Startup\ DESKTOP.INI [3/20/2004 12:58:38 PM] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ DESKTOP.INI [9/10/2004 1:52:16 PM] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "NoDispBackgroundPage"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] @= [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run] "some"=C:\Program Files\Video Add-on\icthis.exe "start"=C:\Program Files\Video Add-on\isfmntr.exe [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] Source= C:\Program Files\ComPlus Applications\zysoma.html FriendlyName= [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{91316323-2ad5-4794-9589-52a2eaa60a68}"= C:\WINDOWS\system32\shlahsd.dll [01/22/2008 08:52 AM 13312] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dmldit] dmldit.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfeecd] khfeecd.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mnapqmtl] mnapqmtl.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqpn] C:\WINDOWS\system32\ssqpn.dll 08/12/2007 05:58 PM 231520 C:\WINDOWS\SYSTEM32\ssqpn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturo] vturo.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bcmwltry] bcmwltry.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\conscorr] C:\WINDOWS\conscorr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla] C:\WINDOWS\system32\dla\tfswctrl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry] C:\WINDOWS\System32\DSentry.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O6 "USB001" /M "Stylus C84" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\removecpl] RemoveCpl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] C:\WINDOWS\UpdReg.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vckefch] C:\WINDOWS\System32\qfoqgj.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Win Server Updt] C:\WINDOWS\wupdt.exe *Newly Created Service* - COMHOST -- End of Deckard's System Scanner: finished at 2008-01-28 07:36:44 ------------