Hello! As the title of the thread indicates, I have a very confusing System Startup tool entry. It's the first one listed and it isn't colored (green, yellow or red). Under the Key column it says HK_LM:Run (Current system). There is nothing under the Value or Command Line columns. When I click on the information bar on the right side of the screen it seems to give me conflicting information. Here is what it says:
Current filename:

Database status: Not required - virus, spyware, malware or other resource hog
Value:
Filename: system32.exe

Description
Added by the _AGOBOT-KU_ WORM! Note - has a blank entry under the Startup Item/Name field

Source: Paul Collins Startup list
____________________

Current filename:

Database status: Not required - virus, spyware, malware or other resource hog
Value:
Filename: pathex.exe

Description
Added by the _MKMOOSE-A_ WORM! Note - has a blank entry under the Startup Item/Name field

Source: Paul Collins Startup list
____________________

Current filename:

Database status: Not required - virus, spyware, malware or other resource hog
Value:
Filename: svchost.exe

Description
Added by the _DELF-UX_ TROJAN! Note - this is not the legitimate _svchost.exe_ process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder. Note - has a blank entry under the Startup Item/Name field

Source: Paul Collins Startup list
____________________

Current filename:

Database status: Not required - virus, spyware, malware or other resource hog
Value:
Filename: MSPF.EXE

Description
Added by a variant of the _SDBOT_ WORM! This file is located in the Winnt or Windows folder. Note - has a blank entry under the Startup Item/Name field

Source: Paul Collins Startup list
____________________

Current filename:

Database status: Not required - virus, spyware, malware or other resource hog
Value:
Filename: dllvirtual.exe

Description
Added by the _DADOBRA-IW_ TROJAN! Note - has a blank entry under the Startup Item/Name field

Source: Paul Collins Startup list
____________________

Current filename:

Database status: Not required - virus, spyware, malware or other resource hog
Value:
Filename: dllvirtual.dll

Description
Added by the _DADOBRA-IW_ TROJAN! Note - has a blank entry under the Startup Item/Name field

Source: Paul Collins Startup list
____________________

Current filename:

Database status: Not required - virus, spyware, malware or other resource hog
Value:
Filename: dllvirtual.js

Description
Added by the _DADOBRA-IW_ TROJAN! Note - has a blank entry under the Startup Item/Name field

Source: Paul Collins Startup list
____________________


Is this entry ALL of these things or could it just be any one in particular? How do I know if this is malicious or just a resource hog? Or is it just a false positive? If I knew the path(s) of the culprit(s) it would be easier to decide if I should get rid of it or not.
I scanned my computer using Norton Antivirus 2005, Ad-Aware 2007, Spybot Search and Destroy 1.5.2.20 and ZoneAlarm Pro's spyware scanner. All came up clean. Except for ZoneAlarm Pro's built-in spyware scanner which detected something called Mozy Filter which I believe is a false positive for my MozyHome backup software. I also use SpywareBlaster 4.0.
I have Windows XP SP2 which is current with all the security updates.
If anyone can help me I will truly appreciate it! If more information is needed, please let me know!
Thanks!
Oh, one more thing. I noticed that my ZoneAlarm Pro firewall seems to be blocking svchost.exe. But based on the source and destination IP addresses it seems like this is the legit svchost.exe.