Main.txt:Deckard's System Scanner v20071014.68
Run by HP_Administrator on 2008-04-14 20:52:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
86: 2008-04-15 03:52:40 UTC - RP585 - Deckard's System Scanner Restore Point
85: 2008-04-14 17:58:21 UTC - RP584 - Restore Operation
84: 2008-04-14 07:01:40 UTC - RP583 - Restore Operation
83: 2008-04-13 22:48:10 UTC - RP582 - Removed Knight Online
82: 2008-04-12 21:19:53 UTC - RP581 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-01-14 22:20:00 UTC - RP500 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as HP_Administrator.exe) ------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:56:14 PM, on 4/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\BrmfBAgS.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Nexon\Mabinogi\npkcmsvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMS.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\HP_Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\HP_Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktopR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/.../search/ie.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://att.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://att.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/.../search/ie.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://att.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktopR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\system32\LVCOMS.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.10\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.10\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ActiveGS.cab -
http://www.virtualapple.org/activegs.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) -
http://www.symantec.com/techsupp/asa/ctrl/SymAData.cabO16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) -
http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cabO16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) -
http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cabO16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) -
http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\WEBACC~1\FASTSE~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\system32\BrmfBAgS.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\Nexon\Mabinogi\npkcmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
--
End of file - 15712 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 BootScreen - c:\windows\\systemroot\system32\drivers\vidstub.sys (file missing)
R1 ELhid - c:\windows\system32\drivers\elhid.sys <Not Verified; Intel Corporation; Intel® Quick Resume Technology>
R1 ELkbd - c:\windows\system32\drivers\elkbd.sys <Not Verified; Intel Corporation; Intel® Quick Resume Technology>
R1 ELmon - c:\windows\system32\drivers\elmon.sys <Not Verified; Intel Corporation; Intel® Quick Resume Technology>
R1 ELmou - c:\windows\system32\drivers\elmou.sys <Not Verified; Intel Corporation; Intel® Quick Resume Technology>
R1 VETFDDNT (VET Floppy Boot Sector Monitor) - c:\windows\system32\drivers\vetfddnt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
R1 VET-FILT (VET File System Filter) - c:\windows\system32\drivers\vet-filt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
R1 VETMONNT (VET File Monitor) - c:\windows\system32\drivers\vetmonnt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
R1 VET-REC (VET File System Recognizer) - c:\windows\system32\drivers\vet-rec.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
S0 ftsata2 - c:\windows\system32\drivers\ftsata2.sys (file missing)
S0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys (file missing)
S2 npkcrypt - c:\nexon\mabinogi\npkcrypt.sys (file missing)
S3 BVRPMPR5 (BVRPMPR5 NDIS Protocol Driver) - e:\instal~e\core\bvrpmpr5.sys (file missing)
S3 kaspersky1 - c:\program files\kaspersky engine 5.3.311 (public version)\kaspersky.sys (file missing)
S3 MotDev (Motorola Inc. USB Device) - c:\windows\system32\drivers\motodrv.sys <Not Verified; Motorola Inc; Motorola USB Composite Driver>
S3 NPF (NetGroup Packet Filter Driver) - c:\windows\system32\drivers\npf.sys <Not Verified; Politecnico di Torino; NPF Driver>
S3 usbsermpt (Motorola USB Modem Driver for MPT) - c:\windows\system32\drivers\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows ® 2000 Operating System>
S3 XDva041 - c:\windows\system32\xdva041.sys (file missing)
S3 XDva045 - c:\windows\system32\xdva045.sys (file missing)
S3 XDva049 - c:\windows\system32\xdva049.sys (file missing)
S3 XDva054 - c:\windows\system32\xdva054.sys (file missing)
S3 XDva062 - c:\windows\system32\xdva062.sys (file missing)
S3 XDva078 - c:\windows\system32\xdva078.sys (file missing)
S3 XTrapD12 - c:\windows\system32\xtrapd12.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 ELService (Intel® Quick Resume Technology Drivers) - "c:\program files\intel\inteldh\intel® quick resume technology\elservice.exe" <Not Verified; Intel Corporation; Intel® Quick Resume Technology>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
S3 rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - "c:\program files\winpcap\rpcapd.exe" -d -f "c:\program files\winpcap\rpcapd.ini"
S3 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-04-14 11:42:54 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-04-01 10:01:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-03-14 and 2008-04-14 -----------------------------
2008-04-14 20:50:54 0 d-------- C:\Program Files\Trend Micro
2008-03-29 17:22:42 0 d-------- C:\Program Files\HearMe
2008-03-23 00:14:23 0 d-------- C:\Program Files\Common Files\INCA Shared
-- Find3M Report ---------------------------------------------------------------
2008-04-14 11:38:36 12 --a------ C:\WINDOWS\bthservsdp.dat
2008-04-14 00:12:57 0 d-------- C:\Program Files\Starcraft
2008-04-14 00:10:09 0 d-------- C:\Program Files\Windows NT
2008-04-14 00:05:10 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-13 23:35:50 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\SiteAdvisor
2008-04-13 10:44:48 12133 --a------ C:\Documents and Settings\HP_Administrator\Application Data\.googlewebacchosts
2008-04-08 18:35:58 0 d-------- C:\Program Files\Java
2008-04-01 09:40:37 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Yahoo!
2008-03-23 00:14:23 0 d-------- C:\Program Files\Common Files
2008-03-08 21:36:12 0 d-------- C:\Program Files\LimeWire
2008-02-23 18:50:09 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
2008-02-23 18:45:32 0 d-------- C:\Program Files\Common Files\AnswerWorks 4.0
2008-02-23 18:44:35 0 d-------- C:\Program Files\Quicken
2008-02-23 18:35:36 0 d-------- C:\Program Files\TurboTax
2008-02-22 13:43:37 0 d-------- C:\Program Files\Google
2008-02-19 01:38:31 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Any Video Converter
2008-02-16 19:50:21 0 d-------- C:\Program Files\AIM6
2008-02-01 18:43:29 967 --a----c- C:\WINDOWS\ScUnin.pif
2008-02-01 18:43:29 94208 --a------ C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>
2008-02-01 18:43:29 47761 --a------ C:\WINDOWS\scunin.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 02:56 PM]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [02/21/2006 04:59 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 01:22 PM]
"nwiz"="nwiz.exe" [10/22/2006 01:22 PM C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [01/11/2006 10:23 AM C:\WINDOWS\RTHDCPL.EXE]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [06/01/2005 04:35 PM]
"DMAScheduler"="c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [11/01/2005 03:01 AM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [07/22/2005 04:14 PM]
"@"="" []
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [11/09/2005 10:29 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [05/08/2007 05:24 PM]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [09/10/2002 09:26 PM]
"Motive SmartBridge"="C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [10/03/2006 03:47 PM]
"KBD"="C:\HP\KBD\KBD.EXE" [02/02/2005 04:44 PM]
"CaAvTray"="C:\Program Files\Yahoo!\Antivirus\CAVTray.exe" [07/10/2006 10:17 PM]
"CAVRID"="C:\Program Files\Yahoo!\Antivirus\CAVRID.exe" [07/10/2006 10:17 PM]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [04/22/2005 07:49 PM]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/09/2004 02:00 PM]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [08/09/2004 02:00 PM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/09/2004 02:00 PM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/09/2004 02:00 PM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/09/2004 02:00 PM]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [09/28/2006 01:16 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/22/2006 01:22 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [09/03/2002 06:38 PM]
"DXM6Patch_981116"="C:\WINDOWS\p_981116.exe" [11/30/1998 06:04 PM]
"LVComs"="C:\WINDOWS\system32\LVCOMS.EXE" [05/02/2000 10:04 AM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [03/17/2005 03:25 PM]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [03/17/2005 03:45 PM]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [06/28/2006 08:46 AM]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [06/29/2006 01:18 PM]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/04/2004 01:56 AM C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04/27/2007 09:41 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/09/2004 02:00 PM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [08/18/2005 11:49 AM]
"Aim6"="" []
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [01/04/2005 12:50 PM]
"EasyLinkAdvisor"="C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" [03/15/2007 07:16 PM]
"P2kAutostart"="" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 8:16:50 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]
AT&T Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [7/8/2006 2:53:55 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 12:23:26 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe [7/9/2007 10:24:38 PM]
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [3/12/2006 12:04:45 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\WEBACC~1\FASTSE~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Post-it® Software Notes Lite.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Post-it® Software Notes Lite.lnk
backup=C:\WINDOWS\pss\Post-it® Software Notes Lite.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
path=C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^?
.lnk]
path=C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\
?.lnk
backup=C:\WINDOWS\pss\
?.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLike]
C:\Program Files\iLike\1.1.13\ilikesidebar.exe /checkforupdate
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
"C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\valve\steam\steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39bc125d-8bdf-11db-a477-0015f2f1a5f9}]
AutoRun\command- J:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed3be614-2afc-11db-a319-0015f2f1a5f9}]
AutoRun\command- K:\servet.exe
-- End of Deckard's System Scanner: finished at 2008-04-14 20:57:09 ------------
Extra.txt:Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® D CPU 2.80GHz
CPU 1: Intel® Pentium® D CPU 2.80GHz
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 1022.39 MiB / 542.43 MiB
Pagefile Memory (total/avail): 2456.06 MiB / 2090.25 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1924.88 MiB
C: is Fixed (NTFS) - 177.75 GiB total, 137.8 GiB free.
D: is Fixed (FAT32) - 8.53 GiB total, 0.46 GiB free.
E: is CDROM (Unformatted)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is CDROM (No Media)
K: is Removable (FAT)
\\.\PHYSICALDRIVE0 - ST3200827AS - 186.31 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 177.75 GiB - C:
\PARTITION1 - Unknown - 8.55 GiB - D:
\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device
\\.\PHYSICALDRIVE5 - Memorex TD Classic 003B USB Device - 980.53 MiB - 1 partition
\PARTITION0 - Win95 w/Extended Int 13 - 980.98 MiB - K:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
AV: Anti-Virus - SBC Yahoo! Online Protection v7.0.7.4 (Computer Associates)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\MapleStory\\Patcher.exe"="C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\MapleStory\\Patcher.exe:*:Enabled:Patcher MFC ??
?"
"C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\MapleStory\\NewPatcher.exe"="C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\MapleStory\\NewPatcher.exe:*:Enabled:Patcher MFC ??
?"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\MAIET\\Gunz\\GunzLauncher.exe"="C:\\Program Files\\MAIET\\Gunz\\GunzLauncher.exe:*:Enabled:GunzLauncher"
"C:\\Program Files\\AIM\\AIM95_c0\\aim.exe"="C:\\Program Files\\AIM\\AIM95_c0\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\AIM\\AIM95_c1\\aim.exe"="C:\\Program Files\\AIM\\AIM95_c1\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\Games\\MapleStory\\Patcher.exe"="C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\Games\\MapleStory\\Patcher.exe:*:Enabled:Patcher MFC ??
?"
"C:\\ijji\\ENGLISH\\Gunbound Revolution\\GunBound.gme"="C:\\ijji\\ENGLISH\\Gunbound Revolution\\GunBound.gme:*:Enabled:GunBound"
"C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\\Documents and Settings\\HP_Administrator\\My Documents\\My Completed Downloads\\utorrent.exe"="C:\\Documents and Settings\\HP_Administrator\\My Documents\\My Completed Downloads\\utorrent.exe:*:Enabled:µTorrent"
"C:\\ijji\\ENGLISH\\u_sf\\soldierfront.exe"="C:\\ijji\\ENGLISH\\u_sf\\soldierfront.exe:*:Enabled:soldierfront"
"C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\Games\\MapleStory\\NewPatcher.exe"="C:\\Documents and Settings\\HP_Administrator\\My Documents\\Downloads\\Games\\MapleStory\\NewPatcher.exe:*:Enabled:Patcher MFC ??
?"
"C:\\Program Files\\LittleFighter2\\LF2_v1.9c\\lf2.exe"="C:\\Program Files\\LittleFighter2\\LF2_v1.9c\\lf2.exe:*:Enabled:lf2"
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\\Documents and Settings\\HP_Administrator\\My Documents\\Programs\\Games\\MapleStory\\Patcher.exe"="C:\\Documents and Settings\\HP_Administrator\\My Documents\\Programs\\Games\\MapleStory\\Patcher.exe:*:Enabled:Patcher MFC ??
?"
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"="C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Nexon\\MapleStory\\Patcher.exe"="C:\\Nexon\\MapleStory\\Patcher.exe:*:Enabled:Patcher MFC ??
?"
"C:\\Nexon\\MapleStory\\NewPatcher.exe"="C:\\Nexon\\MapleStory\\NewPatcher.exe:*:Enabled:Patcher MFC ??
?"
"C:\\Program Files\\China Cyber Port\\English\\czero.exe"="C:\\Program Files\\China Cyber Port\\English\\czero.exe:*:Enabled:Condition Zero Launcher"
"C:\\Program Files\\SnzoGame\\SnzoGame.exe"="C:\\Program Files\\SnzoGame\\SnzoGame.exe:*:Disabled:SnzoGame"
"C:\\Nexon\\MapleStory\\MapleStory.exe"="C:\\Nexon\\MapleStory\\MapleStory.exe:*:Disabled:MapleStory"
"C:\\Nexon\\KartRider\\NMService.exe"="C:\\Nexon\\KartRider\\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\\Program Files\\Starcraft\\StarCraft.exe"="C:\\Program Files\\Starcraft\\StarCraft.exe:*:Enabled:Starcraft"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe"="C:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe:*:Enabled:Halo"
"C:\\Program Files\\TurboTax\\Premier 2007\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Premier 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Premier 2007\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Premier 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\HP_Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=CHEN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\HP_Administrator
LOGONSERVER=\\CHEN
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0404
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
USERDOMAIN=CHEN
USERNAME=HP_Administrator
USERPROFILE=C:\Documents and Settings\HP_Administrator
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
HP_Administrator
(admin)Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\PROGRA~1\SBCSEL~1\CustomUninstall.exe SBC
--> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
--> MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
--> MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
5 Card Slingo from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\AF012B1F-AFCE-45DB-8D6C-8AB06ADC1D6F\Uninstall.exe"
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 7.0.7 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Agere Systems PCI-SV92PP Soft Modem --> agrsmdel
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AIM+ (remove only) --> "C:\Program Files\AIM+\uninst.exe"
AnswerWorks 4.0 Runtime - English --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
Any Video Converter 2.5.3 --> "C:\Program Files\Any Video Converter\unins000.exe"
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft PhotoStudio 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
AstroPop Deluxe from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\E44A47AF-C94B-4E3F-81A0-979FBA9DAC57\Uninstall.exe"
AT&T Self Support Tool --> C:\WINDOWS\Motive\SBC\MCCUninst.exe
AT&T Yahoo! Applications --> C:\PROGRA~1\Yahoo!\common\uninstall.exe
AusLogics Disk Defrag --> "C:\Program Files\AusLogics Disk Defrag\unins000.exe"
AVIConverter CHN-EN Package --> C:\Program Files\AVIConverter\uninst.exe
Barnyard Invasion from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\049D60AF-B425-4F8A-BD66-9D8C1B519D59\Uninstall.exe"
Bejeweled 2 Deluxe from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\47D5A62B-1B41-4DB1-8267-ADA434FA782B\Uninstall.exe"
Big Biz Tycoon 2 --> C:\WINDOWS\unvise32.exe C:\Program Files\Activision Value\Big Biz Tycoon 2\uninstal.log
Blackhawk Striker 2 from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\758619C0-7C97-42BB-B1E9-775F72FDAD1E\Uninstall.exe"
Blasterball 2 from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\D2DACBCD-E1FE-4C32-A49B-1EB0743D1E79\Uninstall.exe"
Blasterball 2 Remix from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\0C84A7C5-2762-4932-96BF-44A77202DCC3\Uninstall.exe"
Boggle Supreme from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\90EA5584-4290-407B-B8F2-D6E6D65A4796\Uninstall.exe"
Bookworm Deluxe from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\E59F75D0-A38B-40F4-ABA2-CA35A7735473\Uninstall.exe"
BootSkin --> C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\UNWISE.EXE C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\INSTALL.LOG
Bounce Symphony from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\5DAA9E44-1B31-41CD-88A8-228EDED6E36E\Uninstall.exe"
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
Brother MFL-Pro Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}\Setup.exe" -l0x9 Brunin03.dllBrunin03.dll
Brother MFL-Pro Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x9 Brunin03.dll -removeonly
Canon MP160 User Registration --> C:\Program Files\Canon\IJEREG\MP160\UNINST.EXE
Chuzzle Deluxe from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\BA42B721-D70B-4412-ABA6-057B5823FDE9\Uninstall.exe"
Continuum 0.40 --> "C:\Program Files\Continuum\unins000.exe"
Crystal Maze from HP Media Center (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\3D61540E-C88C-4358-B6A1-DC26648F2A3D\Uninstall.exe"
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Drivers Instal
