Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

win32.agent.azpj


  • This topic is locked This topic is locked
2 replies to this topic

#1 Treant99

Treant99

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:New York
  • Local time:08:13 PM

Posted 12 September 2009 - 01:02 PM

I've searched around the forum and finally got log files to post based on tools others with my problem have used.

So far my anti-virus doesn't work, house call doesn't work, spyware remover doesn't work, my windows update doesn't work. MalwareBytes shuts down before scanning as does hijackthis, and root repeal only works with drivers and processes checked if I check anything else it freezes my system.

Trend micro system cleaner doesn't work either and the only thing that did work was Kaspersky which is what told me I have trojan-spy.win32.agent.azpj in my svchost.exe, global root directory, internet explorer and firefox.exe.

I'm running Windows XP home edition, and after my brother used it to download something I got infected and been at wits end ever since.

Here are the logs I have been able to come up with though.

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/12 13:37
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_nvatabus.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_nvatabus.sys
Address: 0xA38D0000 Size: 81920 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xB71FC000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA04A0000 Size: 49152 File Visible: No Signed: -
Status: -

Name: win32k.sys:1
Image Path: C:\WINDOWS\win32k.sys:1
Address: 0xB4C10000 Size: 20480 File Visible: No Signed: -
Status: -

Name: win32k.sys:2
Image Path: C:\WINDOWS\win32k.sys:2
Address: 0xF7537000 Size: 61440 File Visible: No Signed: -
Status: -

==EOF==


============================================================



SREngLOG


2009-09-12,13:22:02

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
	All Boot Items (Including Registry, Startup Folders, Services and so on)
	Browser Add-ons
	Running Processes (Including process model information)
	File Associations
	Winsock Provider
	Autorun.Inf
	HOSTS File
	Process Privileges Scan
	Scheduled Tasks
	Windows Security Update Check
	API HOOK
	Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
	<ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
	<WMPNSCFG><; C:\Program Files\Windows Media Player\WMPNSCFG.exe>  [(Verified)Microsoft Windows Component Publisher]
	<CashFiesta><; >  [N/A]
	<MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Component Publisher]
	<PopRock><; C:\DOCUME~1\Treant\LOCALS~1\Temp\d.exe>  [File is missing]
	<Search Protection><; C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe>  [(Verified)Yahoo! Inc.]
	<Uniblue PowerSuite><; C:\Program Files\Uniblue\PowerSuite\PowerSuite.exe>  [(Verified)Uniblue Systems]
	<updateMgr><; "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1>  [File is missing]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<load><; ???
?>  [N/A]
	<run><; ???
?>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
	<Zune Launcher><"C:\Program Files\Zune\ZuneLauncher.exe">  [(Verified)Microsoft Corporation]
	<Verizon_McciTrayApp><C:\Program Files\Verizon\McciTrayApp.exe>  [Motive Communications, Inc.]
	<UfSeAgnt.exe><"C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe">  [(Verified)"Trend Micro, Inc."]
	<NVMixerTray><"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe">  [NVIDIA Corporation]
	<SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
	<-FreedomNeedsReboot><; "C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe">  [(Verified)Radialpoint]
	<Adobe Photo Downloader><; >  [N/A]
	<Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
	<AOL Spyware Protection><; "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe">  [File is missing]
	<AOLDialer><; C:\Program Files\Common Files\AOL\ACS\AOLDial.exe>  [File is missing]
	<HostManager><; C:\Program Files\Common Files\AOL\1124661959\EE\AOLHostManager.exe>  [File is missing]
	<iTunesHelper><; >  [N/A]
	<Kernel and Hardware Abstraction Layer><; KHALMNPR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<Logitech Hardware Abstraction Layer><; KHALMNPR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<LXSUPMON><; C:\WINDOWS\system32\LXSUPMON.EXE RUN>  [File is missing]
	<Motive SmartBridge><; >  [N/A]
	<Pure Networks Port Magic><; >  [N/A]
	<QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime>  [File is missing]
	<Verizon Custom Uninstall Tracking><; >  [N/A]
	<VerizonServicepoint.exe><; "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN>  [(Verified)Radialpoint]
	<YSearchProtection><; "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe">  [(Verified)Yahoo! Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
	<shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
	<Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
	<UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
	<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
	<PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
	<CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
	<WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
	<SysTray><C:\WINDOWS\System32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
	<UPnPMonitor><C:\WINDOWS\system32\upnpui.dll>  [(Verified)Microsoft Windows Component Publisher]
	<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
	<WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
	<WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
	<WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
	<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
	<WinlogonNotify: LBTWlgn><c:\program files\common files\logitech\bluetooth\LBTWlgn.dll>  [(Verified)Logitech]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
	<WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
	<WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
	<WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
	<WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
	<WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
	<WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
	<WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
	<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
	<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
	<Internet Explorer Version Update><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
	<Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
	<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
	<Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
	<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
	<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
	<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
	<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
	<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
	<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
	<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
	<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
	<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
	<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
	<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]

==================================
Startup Folders
N/A

==================================
Services
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Canon Camera Access Library 8 / CCALib8][Running/Auto Start]
  <C:\Program Files\Canon\CAL\CALMAIN.exe><Canon Inc.>
[dvpapi / dvpapi][Running/Auto Start]
  <"C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe"><Authentium, Inc.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[CA Pest Patrol Realtime Protection Service / ITMRTSVC][Running/Auto Start]
  <"C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe"><CA, Inc.>
[Java Quick Starter / JavaQuickStarterService][Stopped/Auto Start]
  <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Logitech Bluetooth Service / LBTServ][Stopped/Manual Start]
  <C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe><Logitech, Inc.>
[LexBce Server / LexBceS][Running/Auto Start]
  <C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[LicCtrl Service / LicCtrlService][Running/Auto Start]
  <C:\WINDOWS\runservice.exe><N/A>
[npkcmsvc / npkcmsvc][Running/Auto Start]
  <C:\Nexon\Mabinogi\npkcmsvc.exe><INCA Internet Co., Ltd.>
[PDAgent / PDAgent][Running/Auto Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDAgent.exe"><Raxco Software, Inc.>
[PDEngine / PDEngine][Running/Manual Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[Verizon Internet Security Suite / Radialpoint Security Services][Stopped/Disabled]
  <"C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAware.exe"><Radialpoint Inc.>
[Verizon Internet Security Suite Update Service / RPSUpdaterR][Stopped/Manual Start]
  <C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe><Verizon>
[Verizon Internet Security Suite Firewall / RP_FWS][Stopped/Auto Start]
  <C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe><Verizon>
[Trend Micro Central Control Component / SfCtlCom][Stopped/Auto Start]
  <"C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe"><Trend Micro Inc.>
[Trend Micro Unauthorized Change Prevention Service / TMBMServer][Stopped/Auto Start]
  <"C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service><Trend Micro Inc.>
[Trend Micro Personal Firewall / TmPfw][Stopped/Manual Start]
  <C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe><Trend Micro Inc.>
[Trend Micro Proxy Service / tmproxy][Stopped/Manual Start]
  <"C:\Program Files\Trend Micro\Internet Security\TmProxy.exe"><Trend Micro Inc.>
[Viewpoint Manager Service / Viewpoint Manager Service][Running/Auto Start]
  <"C:\Program Files\Viewpoint\Common\ViewpointService.exe"><Viewpoint Corporation>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>

==================================
Drivers
[AC2003 / AC2003][Stopped/Manual Start]
  <System32\Drivers\AC2003.sys><ABIT Computer Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Dynamic Virus Protection / CSS DVP][Running/Auto Start]
  <system32\DRIVERS\css-dvp.sys><Authentium, Inc.>
[ICM532A / DCamUSBUVT][Stopped/Manual Start]
  <System32\Drivers\usbuvt.sys><IC Media Corporation>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
  <\??\C:\Nexon\Mabinogi\GameGuard\dump_wmimmc.sys><N/A>
[ENDETECT / ENDETECT][Stopped/Manual Start]
  <\??\C:\PROGRA~1\DSLTOO~1\DSLTOO~1\app\ENDETECT.SYS><N/A>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\D:\INSTALL\GMSIPCI.SYS><N/A>
[L2XPSR / L2XPSR][Stopped/Manual Start]
  <\??\C:\PROGRA~1\DSLTOO~1\DSLTOO~1\app\L2XPSR.SYS><N/A>
[Logitech SetPoint Keyboard Driver / L8042Kbd][Stopped/Manual Start]
  <system32\DRIVERS\L8042Kbd.sys><Logitech, Inc.>
[SetPoint PS/2 Mouse Filter Driver / L8042mou][Stopped/Manual Start]
  <system32\DRIVERS\L8042mou.Sys><N/A>
[Logitech SetPoint KMDF HID Filter Driver / LHidFilt][Running/Manual Start]
  <system32\DRIVERS\LHidFilt.Sys><Logitech, Inc.>
[Logitech SetPoint KMDF Mouse Filter Driver / LMouFilt][Running/Manual Start]
  <system32\DRIVERS\LMouFilt.Sys><Logitech, Inc.>
[SetPoint Mouse Filter Driver / LMouKE][Stopped/Manual Start]
  <system32\DRIVERS\LMouKE.Sys><N/A>
[LOGNT / LOGNT][Stopped/Manual Start]
  <\??\C:\PROGRA~1\DSLTOO~1\DSLTOO~1\app\lognt.sys><N/A>
[Memctl / Memctl][Stopped/Manual Start]
  <\??\C:\Program Files\ABIT\FlashMenu\Memctl.sys><N/A>
[MREMPR5 NDIS Protocol Driver / MREMPR5][Stopped/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS><Motive, Inc.>
[MRENDIS5 NDIS Protocol Driver / MRENDIS5][Stopped/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS><Motive, Inc.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Nexon\Mabinogi\npkcrypt.sys><N/A>
[npkcusb / npkcusb][Stopped/Manual Start]
  <\??\C:\Nexon\Mabinogi\npkcusb.sys><N/A>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[NTSTPL1 / NTSTPL1][Stopped/Manual Start]
  <\??\C:\PROGRA~1\DSLTOO~1\DSLTOO~1\app\NTSTPL1.SYS><N/A>
[nvatabus / nvatabus][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Running/Manual Start]
  <system32\drivers\nvax.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENET][Running/Manual Start]
  <System32\DRIVERS\NVENET.sys><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Running/Manual Start]
  <system32\drivers\nvapu.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[BlackBerry Smartphone / RimUsb][Stopped/Manual Start]
  <System32\Drivers\RimUsb.sys><Research In Motion Limited>
[rootrepeal / rootrepeal][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\rootrepeal.sys><N/A>
[rootrepeal.bat / rootrepeal.bat][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\rootrepeal.bat.sys><N/A>
[Radialpoint Filter (x86) / RPPKT][Running/Manual Start]
  <system32\DRIVERS\rp_pkt32.sys><Radialpoint, Inc.>
[Security Services Driver (x86) / RPSKT][Running/Auto Start]
  <system32\DRIVERS\rp_skt32.sys><Radialpoint, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Silicon Image SiI 3112 SATARaid Controller / SI3112r][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3112r.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SoC PC-Camera / SoC PC-Camera Service][Stopped/Manual Start]
  <system32\DRIVERS\pfc027.sys><>
[TAPBIND / TAPBIND][Stopped/Manual Start]
  <\??\C:\PROGRA~1\DSLTOO~1\DSLTOO~1\app\TAPBIND1.SYS><N/A>
[tmactmon / tmactmon][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\tmactmon.sys><Trend Micro Inc.>
[Trend Micro Common Firewall Service / tmcfw][Running/Manual Start]
  <system32\DRIVERS\TM_CFW.sys><Trend Micro Inc.>
[tmcomm / tmcomm][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\tmcomm.sys><N/A>
[tmevtmgr / tmevtmgr][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\tmevtmgr.sys><Trend Micro Inc.>
[TMPassthruMP / TMPassthruMP][Stopped/Manual Start]
  <system32\DRIVERS\TMPassthru.sys><N/A>
[tmpreflt / tmpreflt][Running/Auto Start]
  <system32\DRIVERS\tmpreflt.sys><Trend Micro Inc.>
[Trend Micro TDI Driver / tmtdi][Running/System Start]
  <system32\DRIVERS\tmtdi.sys><Trend Micro Inc.>
[tmxpflt / tmxpflt][Running/Auto Start]
  <system32\DRIVERS\tmxpflt.sys><Trend Micro Inc.>
[LGE CDMA Composite USB Device / usbbus][Stopped/Manual Start]
  <system32\DRIVERS\lgusbbus.sys><LG Electronics Inc.>
[LGE CDMA USB Serial Port / UsbDiag][Stopped/Manual Start]
  <system32\DRIVERS\lgusbdiag.sys><LG Electronics Inc.>
[USBIO Driver (usbio.sys) / USBIO][Stopped/Manual Start]
  <System32\Drivers\usbio.sys><Thesycon GmbH, Germany>
[LGE CDMA USB Modem / USBModem][Stopped/Manual Start]
  <system32\DRIVERS\lgusbmodem.sys><LG Electronics Inc.>
[vsapint / vsapint][Running/Auto Start]
  <system32\DRIVERS\vsapint.sys><Trend Micro Inc.>
[WAN Miniport (ATW) / wanatw][Stopped/Manual Start]
  <system32\DRIVERS\wanatw4.sys><America Online, Inc.>
[Winbond GPIO Driver1 / WBHWDOCT][Stopped/Manual Start]
  <System32\drivers\WBHWDOCT.sys><Winbond Electronics Corp.>
[WINFLASH / WINFLASH][Stopped/Manual Start]
  <\??\C:\Program Files\ABIT\FlashMenu\WinFlash.sys><N/A>
[X4HSX32 / X4HSX32][Running/Auto Start]
  <\??\C:\Program Files\GameTap\bin\Release\X4HSX32.Sys><Exent Technologies Ltd.>

==================================
Browser Add-ons
[&Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[PopKill Class]
  {3C060EA2-E6A9-4E49-A530-D4657B8C449A} <C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll, (Signed) Radialpoint Inc.>
[Verizon Broadband Toolbar]
  {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} <, >
[Yahoo! IE Services Button]
  {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} <C:\Program Files\Yahoo!\Common\yiesrvc.dll, (Signed) Yahoo! Inc.>
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[Yahoo! IE Services Button]
  {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} <C:\Program Files\Yahoo!\Common\yiesrvc.dll, (Signed) Yahoo! Inc.>
[AIM]
  {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} <C:\Program Files\AIM\aim.exe, (Signed) America Online, Inc.>
[ICQ Lite]
  {B863453A-26C3-4e1f-A54D-A2CD196348E9} <C:\Program Files\ICQLite\ICQLite.exe, ICQ Ltd.>
[Real.com]
  {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} <C:\WINDOWS\system32\Shdocvw.dll, (Signed) Microsoft Corporation>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Yahoo! Toolbar]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Verizon Broadband Toolbar]
  {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} <, >
[Support.com Configuration Class]
  {01113300-3E00-11D2-8470-0060089874ED} <C:\WINDOWS\Downloaded Program Files\tgctlcm.dll, N/A>
[HouseCall Control]
  {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\xscan60.ocx, N/A>
[Facebook Photo Uploader 5 Control]
  {0CCA191D-13A6-4E29-B746-314DEE697D83} <C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx, (Signed) The Facebook>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[Trend Micro ActiveX Scan Agent 6.6]
  {215B8138-A3CF-44C5-803F-8226143CFC0A} <C:\WINDOWS\Downloaded Program Files\CONFLICT.2\Housecall_ActiveX.dll, N/A>
[Shockwave ActiveX Control]
  {233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Adobe\Director\swdir.dll, (Signed) Adobe Systems, Inc.>
[DownloadManager Control]
  {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} <, >
[Installation Support]
  {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} <C:\Program Files\Yahoo!\Common\Yinsthelper.dll, (Signed) Yahoo! Inc.>
[MySpace Uploader Control]
  {48DD0448-9209-4F81-9F6D-D83562940134} <C:\WINDOWS\Downloaded Program Files\MySpaceUploader.ocx, MySpace, Inc.>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[System Requirements Lab Class]
  {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} <C:\WINDOWS\Downloaded Program Files\sysreqlab2.dll, N/A>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Housecall ActiveX 6.5]
  {6E5A37BF-FD42-463A-877C-4EB7002E68AE} <C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll, N/A>
[NVIDIA Smart Scan]
  {74DBCB52-F298-4110-951D-AD2FF67BC8AB} <, >
[Facebook Photo Uploader 5 Control]
  {8100D56A-5661-482C-BEE8-AFECE305D968} <C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx, (Signed) The Facebook>
[Verizon Wireless Media Upload]
  {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} <, >
[Java Plug-in 1.6.0_16]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[]
  {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} <, >
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_16]
  {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_16]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_16.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[CPlayFirstDinerDashControl Object]
  {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} <C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80.dll, N/A>
[]
  {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} <, >
[]
  {E2883E8F-472F-4FB0-9522-AC9BF37916A7} <, >
[]
  {00000000-0000-0000-0000-000000000000} <, >
[]
  {00000001-0000-0010-8000-00AA00389B71} <, >
[Yahoo! Lightweight version checker]
  {0006DA31-617C-4CE3-A3B6-73BE64DA63D9} <C:\Program Files\Yahoo!\Common\YVerGlance.dll, (Signed) Yahoo! Inc.>
[]
  {0006F033-0000-0000-C000-000000000046} <, >
[]
  {0006F03A-0000-0000-C000-000000000046} <, >
[IERJCtl Class]
  {00CEDC01-864D-11D3-908D-00C0F03B3EDC} <C:\Program Files\Real\RealPlayer\ierjplug.dll, RealNetworks, Inc.>
[Microsoft Works Imaging Server]
  {00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6} <C:\Program Files\Microsoft Works\wkimgsrv.dll, (Signed) Microsoft® Corporation>
[Support.com Configuration Class]
  {01113300-3E00-11D2-8470-0060089874ED} <C:\WINDOWS\Downloaded Program Files\tgctlcm.dll, N/A>
[&Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <, >
[MetaStreamCtl Class]
  {03F998B2-0E00-11D3-A498-00104B6EB52E} <C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll, Viewpoint Corporation>
[]
  {0468C085-CA5B-11D0-AF08-00609797F0E0} <, >
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
  {0874A484-B3C0-432B-9312-628531081045} <, >
[McciNetSMTP Class]
  {08A3018D-4E94-4B14-BE09-E188C04BF3A1} <C:\Program Files\Common Files\Motive\McciNetX.dll, Motive Communications, Inc.>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[BDA Tuning Model MPEG2 Tune Request]
  {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF} <C:\WINDOWS\system32\msvidctl.dll, (Signed) Microsoft Corporation>
[]
  {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} <, >
[Facebook Photo Uploader 5 Control]
  {0CCA191D-13A6-4E29-B746-314DEE697D83} <C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx, (Signed) The Facebook>
[PeerDraw Class]
  {10072CEC-8CC1-11D1-986E-00A0C955B42E} <%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll, (Signed) N/A>
[McciUtilsFile2 Class]
  {13DD78D3-2194-419A-85AB-6EAF19E4B754} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[SuperBuddy Class]
  {189504B8-50D1-4AA8-B4D6-95C8F58A6414} <C:\Program Files\America Online 9.0\sb.dll, America Online, Inc.>
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[MetaStreamCtl Class]
  {1B00725B-C455-4DE6-BFB6-AD540AD427CD} <C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll, Viewpoint Corporation>
[]
  {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} <, >
[]
  {1E5B2693-D348-4CA7-8364-4F5E51BF9C6D} <, >
[MailClientConfigHelper Class]
  {1EBA8D52-542A-4097-91E0-69589E258ABA} <C:\Program Files\Common Files\Motive\McciAppsX.dll, Motive Communications, Inc.>
[Trend Micro ActiveX Scan Agent 6.6]
  {215B8138-A3CF-44C5-803F-8226143CFC0A} <C:\WINDOWS\Downloaded Program Files\CONFLICT.2\Housecall_ActiveX.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[Shockwave ActiveX Control]
  {233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Adobe\Director\swdir.dll, (Signed) Adobe Systems, Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[MailNewsAccountParameters Class]
  {264641C3-D215-4773-8437-EC658D6EDB10} <C:\Program Files\Common Files\Motive\McciAppsX.dll, Motive Communications, Inc.>
[]
  {2670000A-7350-4F3C-8081-5663EE0C6C49} <, >
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XSL Template]
  {2933BF94-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[McciLog Class]
  {2C1A5446-45E1-412F-BF68-EBFBB8405A1B} <C:\Program Files\Common Files\Motive\McciLogX.dll, Motive Communications, Inc.>
[]
  {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} <, >
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[McciNetPing Class]
  {2E13BB93-7F91-4DFB-B754-5135B0453D22} <C:\Program Files\Common Files\Motive\McciNetX.dll, Motive Communications, Inc.>
[McciSysNetWirelessEncryptionConstant Class]
  {2EF50893-29FE-4827-9AFC-64082D71442A} <C:\Program Files\Common Files\Motive\McciSysNetX.dll, Motive Communications, Inc.>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[Installation Support]
  {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} <C:\Program Files\Yahoo!\Common\Yinsthelper.dll, (Signed) Yahoo! Inc.>
[McciSysNetAdapterCriteriaConstant Class]
  {31C7C77A-BC11-41DC-8DA2-8224600DB0AD} <C:\Program Files\Common Files\Motive\McciSysNetX.dll, Motive Communications, Inc.>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, (Signed) Microsoft Corporation>
[AccountDataDictionary Class]
  {339AE6CA-DFE4-4C4B-B628-C05AC7E2462E} <C:\Program Files\Common Files\Motive\McciAppsX.dll, Motive Communications, Inc.>
[]
  {343CE214-9998-4B21-A151-FFE970167297} <, >
[McciSysDisk Class]
  {350D02A9-62C4-4B9A-9114-AF9ABE5053BA} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[McciSysIdentification Class]
  {35FE37C0-96D9-4A37-976A-4EBFB653DDEA} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[PopKill Class]
  {3C060EA2-E6A9-4E49-A530-D4657B8C449A} <C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll, (Signed) Radialpoint Inc.>
[McciEventStatRetriever Class]
  {3EEC59CC-1F1E-42AC-9E9D-32BAC3D126D1} <C:\Program Files\Common Files\Motive\McciEventX.dll, Motive Communications, Inc.>
[]
  {4063BE15-3B08-470D-A0D5-B37161CFFD69} <, >
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[MySpace Uploader Control]
  {48DD0448-9209-4F81-9F6D-D83562940134} <C:\WINDOWS\Downloaded Program Files\MySpaceUploader.ocx, MySpace, Inc.>
[Verizon Broadband Toolbar]
  {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} <, >
[]
  {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} <, >
[Microsoft Terminal Services Client Control (redist)]
  {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[McciUtilsSpecialFolder Class]
  {4EC99A0B-E57C-4FBE-B9C4-8428424FBF88} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[Microsoft Terminal Services Client Control (redist)]
  {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
  {4F07F79F-087F-42CF-8B36-7A88D06088E9} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, (Signed) Microsoft Corporation>
[McciSysNetWirelessAccessTypeConstant Class]
  {50D19FFC-9FFF-468A-B32F-8748E96D395A} <C:\Program Files\Common Files\Motive\McciSysNetX.dll, Motive Communications, Inc.>
[McciSysSCM Class]
  {528BF874-2681-4CE3-8C62-AA0D3BC0A719} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[McciUtilsPath Interface]
  {545F0C50-D82C-423E-90F5-B64B8FDA2289} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[isInstalled Class]
  {5852F5ED-8BF4-11D4-A245-0080C6F74284} <C:\Program Files\Java\jre6\bin\wsdetect.dll, Sun Microsystems, Inc.>
[YahooBridge Class]
  {58916BE6-BAFF-4F33-AEFE-B2AA03FE4C86} <C:\Program Files\Yahoo!\Messenger\YahooBridgeLib.dll, Fog Creek Software, Inc.>
[Yahoo! IE Services Button]
  {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} <C:\Program Files\Yahoo!\Common\yiesrvc.dll, (Signed) Yahoo! Inc.>
[McciUtilsDirectory2 Class]
  {637E07C0-56A8-41E5-85E8-52DAE23F3091} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[MCCWrapperObj Class]
  {63BAECA2-9E3C-45DE-B2B1-BBC5FA99958E} <C:\Program Files\Common Files\Motive\MCCWrapper_DSR.dll, Motive Communications, Inc.>
[McciNetPOP3 Class]
  {63C75619-EC16-4095-9B0A-E615E47B3978} <C:\Program Files\Common Files\Motive\McciNetX.dll, Motive Communications, Inc.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[YahooTaggedBM Class]
  {65D886A2-7CA7-479B-BB95-14D1EFB7946A} <C:\Program Files\Yahoo!\Common\YIeTagBm.dll, (Signed) Yahoo! Inc.>
[System Requirements Lab Class]
  {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} <C:\WINDOWS\Downloaded Program Files\sysreqlab2.dll, N/A>
[DivXBrowserPlugin Object]
  {67DABFBF-D0AB-41FA-9C46-CC0F21721616} <, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
  {6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} <, >
[McciUtilsPlatform2 Class]
  {71FFA580-18B2-4B76-8D43-EB3DBBC2DC87} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Windows Script Host Shell Object]
  {72C24DD5-D70A-438B-8A42-98424B88AFB8} <C:\WINDOWS\System32\wshom.ocx, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
  {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[NVIDIA Smart Scan]
  {74DBCB52-F298-4110-951D-AD2FF67BC8AB} <, >
[Microsoft Terminal Services Client Control (redist)]
  {7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[McciUtilsFileProcessor Class]
  {76947A08-DFBC-48F3-977F-5612E575B6B1} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[COM+ Transaction Context Component]
  {7999FC25-D3C6-11CF-ACAB-00A024A55AEF} <C:\WINDOWS\system32\comsvcs.dll, (Signed) Microsoft Corporation>
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Yahoo! Installer Plugin for Widgets]
  {7EC7B6C5-25BD-4586-A641-D2ACBB6629DD} <C:\Program Files\Yahoo!\Common\YDPCTL.dll, (Signed) Yahoo! Inc.>
[]
  {7FC1B346-83E6-4774-8D20-1A6B09B0E737} <, >
[McciUtilsFileInfo Class]
  {807AC6CA-2C63-4FBD-93CB-34C0B57B0ABD} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[Facebook Photo Uploader 5 Control]
  {8100D56A-5661-482C-BEE8-AFECE305D968} <C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx, (Signed) The Facebook>
[GameTap Browser Helper]
  {8341852B-7120-4F19-8FB1-D1BAABEC000C} <C:\PROGRA~1\GameTap\bin\Release\BROWSE~1.OCX, (Signed) Turner Broadcasting System, Inc. ("TBS")>
[YDPProxy Class]
  {836FFDEA-A437-4CA2-AA9E-C79B7293D70E} <C:\Program Files\Yahoo!\Common\YDPCTL.dll, (Signed) Yahoo! Inc.>
[]
  {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
  {88D969C1-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XSL Template 4.0]
  {88D969C3-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 5.0]
  {88D969E6-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XSL Template 5.0]
  {88D969E8-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 6.0]
  {88D96A06-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XSL Template 6.0]
  {88D96A08-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_16]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[RegConfig Class]
  {8B7D2210-CC81-4F59-A486-4409FB485D4A} <C:\Program Files\Verizon\vzTCPConfig.dll, (Signed) Verizon Internet Solutions>
[McciSysCPU Class]
  {8E36CB36-A412-42D1-ACA5-AF073D99D0B4} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[McciSM Class]
  {8FD68625-2346-418A-8899-67CB36B1917F} <C:\Program Files\Common Files\Motive\McciSMX.dll, Motive Communications, Inc.>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
  {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Yahoo! Webcam Viewer]
  {9D39223E-AE8E-11D4-8FD3-00D0B7730277} <C:\Program Files\Yahoo!\Messenger\ywcvwr.dll, Yahoo! Inc.>
[Skype Detection Object]
  {9E385F0A-0BA2-430C-96AA-4399C5E40F6C} <, >
[McciSysNetWirelessEncryptionStatusConstant Class]
  {A3F0EDA5-A97A-458B-B73A-52CC0D25F408} <C:\Program Files\Common Files\Motive\McciSysNetX.dll, Motive Communications, Inc.>
[McciUtilsRegistry Class]
  {A6FF3C3C-F33A-4269-9300-2682DB3B3441} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[]
  {A7327C09-B521-4EDB-8509-7D2660C9EC98} <, >
[WMEncProfileManager Class]
  {A8D3AD02-7508-4004-B2E9-AD33F087F43C} <C:\Program Files\Windows Media Components\Encoder\WMEX.dll, Microsoft Corporation>
[McciUtilsCryptoUtils Class]
  {A98CDA82-48AA-4818-9831-779212F322C9} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[Yahoo! Mail Attachment Control]
  {AA218328-0EA8-4D70-8972-E987A9190FF4} <C:\Program Files\Yahoo!\Common\YMMAPI.dll, (Signed) Yahoo! Inc.>
[McciSysWindowsFirewall Class]
  {AC132E8F-7B65-405B-A833-507DD795237F} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[]
  {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} <, >
[]
  {AD6B80C5-616D-4E4A-94A5-3FD0D8B5DBC1} <, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, (Signed) N/A>
[]
  {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} <, >
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, (Signed) Microsoft Corporation>
[]
  {B863453A-26C3-4E1F-A54D-A2CD196348E9} <, >
[AIM OLE Automation Protocol Handler]
  {BAEB32D0-732D-11D2-8BF4-0060B0A4A9EA} <, >
[McciHTTPClient Class]
  {BB3B91F7-1070-4BFD-AA42-6C523B9162B9} <C:\Program Files\Common Files\Motive\McciHTTPX.dll, Motive Communications, Inc.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[&Discuss]
  {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} <shdocvw.dll, Microsoft Corporation>
[WebBrowserConfigHelper Class]
  {C55DCDBF-2690-4E6D-BDE2-9BE47B1B1BBE} <C:\Program Files\Common Files\Motive\McciAppsX.dll, Motive Communications, Inc.>
[Microsoft Office 12 Authorization Control]
  {C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MICROS~2\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[Adobe PDF Reader]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[Deployment Toolkit]
  {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} <C:\WINDOWS\system32\deploytk.dll, (Signed) Sun Microsystems, Inc.>
[McciUtilsPrivileges Class]
  {CC20493B-D31E-428E-A4D0-E3852EE334B2} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__AVI Moniker Class]
  {CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__MPEG Moniker Class]
  {CD3AFA89-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
  {CD67F990-D8E9-11D2-98FE-00C0F0318AFE} <, >
[SecurityManager Class]
  {CEDDF50D-9FA7-41A8-BCD0-6350D1ED2306} <C:\Program Files\Common Files\Motive\BJAXSecurityManager.dll, Motive Communications, Inc.>
[]
  {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} <, >
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Msxml]
  {CFC399AF-D876-11D0-9C10-00C04FC99C8E} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Windows Live Sign-in Control]
  {D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[]
  {D27CDB6E-AE6D-11CF-96B8-444553538000} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[Yahoo! VersionInfo]
  {D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <C:\Program Files\Yahoo!\Common\YVerInfo.dll, (Signed) Yahoo! Inc.>
[MessengerChecker Class]
  {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, (Signed) Yahoo! Inc.>
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[Yahoo! Webcam Upload]
  {DCE2F8B1-A520-11D4-8FD0-00D0B7730277} <C:\Program Files\Yahoo!\Messenger\ywcupl.dll, Yahoo! Inc.>
[]
  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <, >
[McciSysProcess Class]
  {DEF05203-B9AE-491A-B5D6-8E41D9D02FC7} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[]
  {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} <, >
[McciNetTcpClientSocket Class]
  {E0537AC6-146B-499E-8680-917BAE9706A1} <C:\Program Files\Common Files\Motive\McciNetX.dll, Motive Communications, Inc.>
[WebBrowserType Class]
  {E0FEE963-BB53-4215-81AD-B28C77384644} <C:\Program Files\Common Files\Motive\McciAppsX.dll, Motive Communications, Inc.>
[]
  {E13AAC70-70AE-4988-808C-B267F2C20E79} <, >
[]
  {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, (Signed) Microsoft Corporation>
[McciSysRAM Class]
  {E29CA232-286B-423C-A67B-B9E5A32ECF00} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[]
  {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} <, >
[]
  {E596DF5F-4239-4D40-8367-EBADF0165917} <, >
[Messenger Class]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <, >
[WebViewFolderIcon Class]
  {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} <C:\WINDOWS\System32\webvw.dll, (Signed) Microsoft Corporation>
[MailClientType Class]
  {E7352BAC-43C4-44B0-92A7-CF57D71983DA} <C:\Program Files\Common Files\Motive\McciAppsX.dll, Motive Communications, Inc.>
[JQSIEStartDetectorImpl Class]
  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[]
  {E8BB94CB-7C06-445D-8DBC-6E4CCAC1F905} <, >
[McciUtilsFileDirectoryCodes Class]
  {EA277CDC-A2CE-4FB1-A757-284F7C7650D6} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Yahoo! Toolbar]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[]
  {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, (Signed) Microsoft Corporation>
[McciSysModuleInfo Class]
  {F4B4E3B3-7019-418F-A983-2902DB0998E2} <C:\Program Files\Common Files\Motive\McciSysX.dll, Motive Communications, Inc.>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document]
  {F6D90F12-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[McciSysNetNetwork Class]
  {F7808D00-B85D-4584-8255-A6E52B042FDE} <C:\Program Files\Common Files\Motive\McciSysNetX.dll, Motive Communications, Inc.>
[]
  {F8AD5AA5-D966-4667-9DAF-2561D68B2012} <, >
[McciUtilsGUIDGen Class]
  {F8FA8430-B094-462D-9376-32E521B0DA6F} <C:\Program Files\Common Files\Motive\McciUtilsX.dll, Motive Communications, Inc.>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[&AOL Toolbar search]
  <res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML, N/A>
[E&xport to Microsoft Excel]
  <res://E:\Office12\EXCEL.EXE/3000, N/A>
[Send Image to Phone]
  <http://www.freeringers.net/ezimage.php, N/A>

==================================
Running Processes
[PID: 1044 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1196 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1224 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
	[C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4129]
	[c:\program files\common files\logitech\bluetooth\LBTWlgn.dll]  [Logitech, Inc., 4.24.99]
	[c:\program files\common files\logitech\bluetooth\LBTServ.dll]  [Logitech, Inc., 4.24.99]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1276 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1288 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1480 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4129]
	[C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 1496 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1592 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1748 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1780 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 196 / Treant][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4129]
	[C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 264 / Treant][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
	[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
	[C:\Program Files\Yahoo!\Common\YMMAPI.dll]  [Yahoo! Inc., 2005, 1, 1, 12]
	[C:\Program Files\ICQLite\ICQLiteShell.dll]  [, 20, 34, 2321, 0]
	[C:\Program Files\Verizon\Verizon Internet Security Suite\AVCntxtR.dll]  [Radialpoint Inc., 6.0.3.27063]
	[C:\Program Files\Trend Micro\Internet Security\Tmdshell.dll]  [Trend Micro Inc., 16.05.0.1015]
	[C:\Program Files\Trend Micro\Internet Security\SfPxSt32.dll]  [Trend Micro Inc., 16.10.0.1079]
	[C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
	[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200]
	[C:\Program Files\HighMAT CD Writing Wizard\HMTCD.dll]  [, 1.1.1905.1]
[PID: 404 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
[PID: 528 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 744 / SYSTEM][C:\WINDOWS\system32\LEXBCES.EXE]  [Lexmark International, Inc., 7.1]
	[C:\WINDOWS\system32\lexp2p32.dll]  [Lexmark International, Inc., 7.1]
	[C:\WINDOWS\system32\lex2kusb.dll]  [Lexmark International, Inc., 7.1]
[PID: 780 / SYSTEM][C:\WINDOWS\system32\LEXPPS.EXE]  [Lexmark International, Inc., 7.1]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
	[C:\WINDOWS\system32\LEXBCE.DLL]  [Lexmark International, Inc., 7.1]
[PID: 1776 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1324 / SYSTEM][C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe]  [Authentium, Inc., 4,94,107,521]
[PID: 2028 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 116 / SYSTEM][C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 236 / SYSTEM][C:\WINDOWS\runservice.exe]  [N/A, ]
	[C:\WINDOWS\mmfs.dll]  [, 2.0.10.2]
[PID: 332 / SYSTEM][C:\Nexon\Mabinogi\npkcmsvc.exe]  [INCA Internet Co., Ltd., 2007, 8, 2, 1]
[PID: 348 / SYSTEM][C:\Program Files\Raxco\PerfectDisk\PDAgent.exe]  [Raxco Software, Inc., 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\PDCommon.dll]  [Raxco Software, Inc., 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\Raxco\PerfectDisk\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[C:\Program Files\Raxco\PerfectDisk\PDDb.dll]  [, 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\sqlite3.dll]  [, 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\PDLangEN.dll]  [Raxco Software, Inc., 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\PDEngineps.dll]  [Raxco Software, Inc., 8, 0, 0, 57]
[PID: 972 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1060 / SYSTEM][C:\Program Files\Viewpoint\Common\ViewpointService.exe]  [Viewpoint Corporation, 2, 0, 0, 54]
[PID: 1352 / SYSTEM][C:\WINDOWS\system32\ZuneBusEnum.exe]  [Microsoft Corporation, 3.1.620.0 (ZUNE_DORADO_V3.01_RTM(pegblder).081110-1150)]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
[PID: 2100 / NETWORK SERVICE][C:\Program Files\Windows Media Player\WMPNetwk.exe]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
[PID: 2376 / SYSTEM][C:\Program Files\Canon\CAL\CALMAIN.exe]  [Canon Inc., 8, 2, 0, 1]
[PID: 2424 / SYSTEM][C:\Program Files\Raxco\PerfectDisk\PDEngine.exe]  [Raxco Software, Inc., 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\PDCommon.dll]  [Raxco Software, Inc., 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\Raxco\PerfectDisk\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[C:\Program Files\Raxco\PerfectDisk\PDDb.dll]  [, 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\sqlite3.dll]  [, 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\PDLangEN.dll]  [Raxco Software, Inc., 8, 0, 0, 57]
	[C:\Program Files\Raxco\PerfectDisk\PDEngineps.dll]  [Raxco Software, Inc., 8, 0, 0, 57]
[PID: 2736 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
[PID: 3584 / Treant][C:\Program Files\Zune\ZuneLauncher.exe]  [Microsoft Corporation, 3.1.620.0 (ZUNE_DORADO_V3.01_RTM(pegblder).081110-1150)]
[PID: 3628 / SYSTEM][C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe]  [Viewpoint Corporation, 2, 0, 0, 54]
	[C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrCore.dll]  [Viewpoint Corporation, 2, 0, 0, 54]
[PID: 584 / Treant][C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe]  [NVIDIA Corporation, 1.0.444]
	[C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerENU.dll]  [NVIDIA Corporation, 1.0.444]
	[C:\Program Files\Common Files\NVIDIA Shared\Audio\NVAudioMod.dll]  [NVIDIA Corporation, 1.0.444]
[PID: 1160 / Treant][C:\Program Files\Java\jre6\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.160.1]
[PID: 2240 / Treant][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 2688 / Treant][C:\Program Files\Windows Media Player\WMPNSCFG.exe]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[PID: 544 / Treant][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.9.1.3]
	[C:\Program Files\Mozilla Firefox\xul.dll]  [Mozilla Foundation, 1.9.1.3]
	[C:\Program Files\Mozilla Firefox\sqlite3.dll]  [sqlite.org, 3.6.10]
	[C:\Program Files\Mozilla Firefox\MOZCRT19.dll]  [Mozilla Foundation, 8.00.0000]
	[C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
	[C:\Program Files\Mozilla Firefox\nspr4.dll]  [Mozilla Foundation, 4.8]
	[C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nssutil3.dll]  [Mozilla Foundation, 3.12.3.1]
	[C:\Program Files\Mozilla Firefox\plc4.dll]  [Mozilla Foundation, 4.8]
	[C:\Program Files\Mozilla Firefox\plds4.dll]  [Mozilla Foundation, 4.8]
	[C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
	[C:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.9.1.3]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll]  [Mozilla Foundation, 1.9.1.3]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
	[C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll]  [Mozilla Foundation, 1.9.1.3]
	[C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nssdbm3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
	[C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.75]
	[C:\Program Files\Mozilla Firefox\plugins\npnul32.dll]  [mozilla.org, 1, 0, 0, 15]
	[C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\PROGRA~1\Java\jre6\bin\client\jvm.dll]  [Sun Microsystems, Inc., 14.2.0.01]
	[C:\PROGRA~1\Java\jre6\bin\verify.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\PROGRA~1\Java\jre6\bin\java.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\PROGRA~1\Java\jre6\bin\hpi.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\PROGRA~1\Java\jre6\bin\zip.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\jp2native.dll]  [, ]
	[C:\Program Files\Java\jre6\bin\deploy.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\msvcr71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[C:\Program Files\Java\jre6\bin\net.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\nio.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\regutils.dll]  [Sun Microsystems, Inc., 6.0.160.1]
[PID: 2956 / Treant][C:\Program Files\Java\jre6\bin\java.exe]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\msvcr71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[C:\Program Files\Java\jre6\bin\client\jvm.dll]  [Sun Microsystems, Inc., 14.2.0.01]
	[C:\Program Files\Java\jre6\bin\verify.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\java.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\hpi.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\zip.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\jp2native.dll]  [, ]
	[C:\Program Files\Java\jre6\bin\deploy.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\regutils.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\net.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\nio.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\awt.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[C:\Program Files\Java\jre6\bin\fontmanager.dll]  [Sun Microsystems, Inc., 6.0.160.1]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]
	[C:\Documents and Settings\Treant\Local Settings\Temp\jkos-Treant\binaries\kosglue-7.0.26.0.dll]  [Kaspersky Lab, 7.0.26.0]
	[C:\Documents and Settings\Treant\Local Settings\Temp\jkos-Treant\binaries\kave.dll]  [Kaspersky Lab., 5, 0, 1, 86]
	[C:\Documents and Settings\Treant\Local Settings\Temp\jkos-Treant\binaries\FSSync.dll]  [Kaspersky Lab, 6.0.5.678]
[PID: 452 / Treant][C:\WINDOWS\system32\wuauclt.exe]  [(Verified) Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)]
[PID: 3380 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[C:\Program Files\CA\PPRT\bin\CACheck.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAHook.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\CAServer.dll]  [CA, Inc., 1.1.0.32]
	[C:\Program Files\CA\PPRT\bin\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\CA\PPRT\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 2860 / Treant][C:\WINDOWS\system32\wscntfy.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 2816 / Treant][C:\Documents and Settings\Treant\My Documents\Downloads\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
[PID: 3968 / Treant][C:\Documents and Settings\Treant\My Documents\Downloads\sreng2\SRE37896b96.EXE]  [Smallfrogs Studio, 2.8.1.1279]
	[C:\Documents and Settings\Treant\My Documents\Downloads\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
	[\\?\globalroot\Device\__max++>\A0A13826.x86.dll]  [N/A, ]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1	   localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 236, C:\WINDOWS\RUNSERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1060, C:\PROGRAM FILES\VIEWPOINT\COMMON\VIEWPOINTSERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2376, C:\PROGRAM FILES\CANON\CAL\CALMAIN.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 584, C:\PROGRAM FILES\NVIDIA CORPORATION\NVMIXER\NVMIXERTRAY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3448, C:\DOCUMENTS AND SETTINGS\TREANT\LOCAL SETTINGS\TEMP\JKOS-TREANT\BINARIES\SCANNINGPROCESS.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2816, C:\DOCUMENTS AND SETTINGS\TREANT\MY DOCUMENTS\DOWNLOADS\SRENG2\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] User_Feed_Synchronization-{090D7BDC-827F-4964-9E20-AE9A39EB520D}.job
		C:\WINDOWS\system32\msfeedssync.exe 
[Enabled] Uniblue SpyEraser.job
		C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe 
[Enabled] Uniblue SpeedUpMyPC.job
		C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe 
[Enabled] Uniblue SpeedUpMyPC Nag.job
		C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe 
[Enabled] MP Scheduled Scan.job
		C:\Program Files\Windows Defender\MpCmdRun.exe 
[Enabled] {BB65B0FB-5712-401b-B616-E69AC55E2757}.job
		C:\DOCUME~1\Treant\LOCALS~1\Temp\d.exe 
[Enabled] {7B02EF0B-A410-4938-8480-9BA26420A627}.job
		C:\WINDOWS\msb.exe 

==================================
Windows Security Update Check
KB934737,  Excel Viewer 2003 Service Pack 3 (SP3) 
KB940157,  Windows Search 4.0 for Windows XP (KB940157) 
KB954478,  Security Update for Office 2003 (KB954478) MS08-052
KB953404,  Security Update for Microsoft Office 2003 (KB953404) MS08-055
KB961118,  Update for Windows XP (KB961118) 
KB961118,  Windows Live Essentials 
KB963673,  Update for the 2007 Microsoft Office System Help for Common Features (KB963673) 
KB963670,  Update for Microsoft Office OneNote 2007 Help (KB963670) 
KB963671,  Update for Microsoft Script Editor Help (KB963671) 
KB931125,  Update for Root Certificates [May 2009] (KB931125) 
KB963678,  Update for Microsoft Office Excel 2007 Help (KB963678) 
KB963669,  Update for Microsoft Office PowerPoint 2007 Help (KB963669) 
KB963665,  Update for Microsoft Office Word 2007 Help (KB963665) 
KB953195,  The 2007 Microsoft Office Suite Service Pack 2 (SP2) 
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86 
KB971633,  Security Update for Windows XP (KB971633) MS09-028
KB963707,  Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707) 
KB973346,  Cumulative Security Update for ActiveX Killbits for Windows XP (KB973346) MS09-032
KB973346,  Office Live add-in 1.4 
KB972260,  Cumulative Security Update for Internet Explorer 8 for Windows XP (KB972260) MS09-034
KB970363,  Microsoft Silverlight (KB970363) 
KB968389,  Update for Windows XP (KB968389) 
KB971557,  Security Update for Windows XP (KB971557) MS09-038
KB973869,  Security Update for Windows XP (KB973869) MS09-037
KB956744,  Security Update for Windows XP (KB956744) MS09-044
KB973354,  Security Update for Windows XP (KB973354) MS09-037
KB973507,  Security Update for Windows XP (KB973507) MS09-037
KB960859,  Security Update for Windows XP (KB960859) MS09-042
KB973815,  Security Update for Windows XP (KB973815) MS09-037
KB971657,  Security Update for Windows XP (KB971657) MS09-041
KB973874,  Update for Internet Explorer 8 Compatibility View List for Windows XP (KB973874) 
KB961371,  Security Update for Windows XP (KB961371) MS09-029
KB956844,  Security Update for Windows XP (KB956844) MS09-046
KB890830,  Windows Malicious Software Removal Tool - September 2009 (KB890830) 
KB971961,  Security Update for Jscript 5.8 for Windows XP (KB971961) MS09-045

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


==================================================================



Win32Diag

Log file is located at: C:\Documents and Settings\Treant\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Found mount point : C:\WINDOWS\$hf_mig$\KB912812\KB912812

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB916281\KB916281

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB918899\KB918899

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB924496\KB924496

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB925486\KB925486

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB933729\KB933729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB956744\KB956744

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB956844\KB956844

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB960859\KB960859

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB961371-v2\KB961371-v2

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971557\KB971557

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971633\KB971633

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971657\KB971657

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB972260-IE8\KB972260-IE8

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB973346\KB973346

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB973354\KB973354

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB973507\KB973507

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB973815\KB973815

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB973869\KB973869

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\AU_Temp\AU_Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Debug\UserMode\UserMode

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\1F3B805BA42A0C233B0158879691FE82\2.1.21022\2.1.21022

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Minidump\Minidump

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msdownld.tmp\msdownld.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\mui\mui

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\HELPCTR\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\HELPCTR\Config\CheckPoint\CheckPoint

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\HELPCTR\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\HELPCTR\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\HELPCTR\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PCHEALTH\HELPCTR\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SxsCaPendDel\SxsCaPendDel

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1025\1025

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1028\1028

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1031\1031

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1037\1037

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1041\1041

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1042\1042

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1054\1054

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\2052\2052

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3076\3076

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3com_dmi\3com_dmi

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\Adobe\update\update

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TempDir\TempDir

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\RCCBakup\RCCBakup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Desktop\Desktop

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Favorites\Favorites

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Data

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\My Documents\My Documents

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Recent\Recent

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\dhcp\dhcp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\drivers\disdn\disdn

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\eventlog.dll

[1] 2004-08-04 03:56:42 55808 C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll (Microsoft Corporation)

[1] 2008-04-13 20:11:53 56320 C:\WINDOWS\ServicePackFiles\i386\eventlog.dll (Microsoft Corporation)

[1] 2008-04-13 20:11:53 61952 C:\WINDOWS\system32\eventlog.dll ()

[2] 2008-04-13 20:11:53 56320 C:\WINDOWS\system32\logevent.dll (Microsoft Corporation)



Found mount point : C:\WINDOWS\system32\export\export

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\inetsrv\inetsrv

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\log\log

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\MRT.exe

[1] 2009-08-28 14:38:22 24689600 C:\WINDOWS\system32\MRT.exe ()



Found mount point : C:\WINDOWS\system32\mui\dispspec\dispspec

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemcust\oemcust

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemhw\oemhw

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemreg\oemreg

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\sample\sample

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\ShellExt\ShellExt

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\spool\PRINTERS\PRINTERS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\bad\bad

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\good\good

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\snmp\snmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wins\wins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\xircom\xircom

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview2\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\Includes\Includes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\viewmgr\viewmgr

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\vmgr\323942\323942

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp2\Temp2

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2

Mount point destination : \Device\__max++>\^



Finished!




Thanks in advance.

BC AdBot (Login to Remove)

 


#2 Treant99

Treant99
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:New York
  • Local time:08:13 PM

Posted 15 September 2009 - 07:42 PM

Please close this topic, I decided to try a few fixes that worked for someone else. I needed full control of the infected PC, and was prepared to reformat as a last resort anyway.. I just couldn't wait any longer so gave it a shot.

I'm now able to run my Trendmicro internet suite, and malwarebytes with no flaws. Also all online scanners (kaspersky, eset and housecall), show my system as clean.

My thanks go especially to fenzodahl512 who's solution I followed from another topic.

#3 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:05:13 PM

Posted 19 September 2009 - 08:59 PM

Since your problem appears to be resolved, this thread will now be closed.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users