Geneste weergave | Lineaire weergave

AjLangevin · 02-12-2009, 15:49

Hello,
I am running a five or six year old Dell Dimension Desktop 3,000 Series with 512 MB of RAM, 30GB of internal memory, Windows XP Home Edition Service Pack 2, with a 500GB Western Digital MyBook Essential Edition External Hard Drive. Within the past couple of months, the system has been slowing down and I have been experiencing various problems with it. I haven't been to any odd sites (as in, I haven't changed where I'm going online) for over a year, yet two weeks ago, the entire system wouldn't boot (it didn't detect my internal Master drive, I fixed this by simply opening up the side panel and removing dust build-up). This week, the taskbar and start menu have been freezing, and various .exe files that normally run low-profile and in the background have been taking up too much RAM (svchost.exe being one of the more annoying ones, it recently got to around 85,000 under the memory usage column of Task Manager). I ran Ad-Aware Personal SE and a full system scan using AVG Free 8, but Ad-Aware was unable to update its definitions (and it hasn't been able to for a while...). Here's my HijackThis! Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:43:24, on 12/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.youtube.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/mywaybiz
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - V:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - V:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (file missing)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "V:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "V:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MemSkin+] "C:\Program Files\MemSkin+\MemSkinP.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Mikogo] "C:\Documents and Settings\Aynsley\Application Data\Mikogo\Mikogo-Host.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [WindowBlinds] C:\Program Files\Stardock\Object Desktop\WindowBlinds\WBInstall32.exe
O4 - Startup: Aim Interrupt.lnk = C:\Program Files\Aim Interrupt\Aim Interrupt.exe
O4 - Startup: Oneeko.lnk = C:\Program Files\Oneeko\ONEEKO.EXE
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - C:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Aynsley\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msg...b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...b31267.cab
O16 - DPF: {18B01F09-2965-11D3-9461-00A0C9B1E042} (FunnyVoiceCtl Class) - http://www.kiddonet.com/kiddonet/cards/FunnyVoice.ocx
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msg...b56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housec...hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMes...loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIn...b47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Ban...b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...b56907.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default...uncher.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - V:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 19324 bytes

**Blackbird** · 02-12-2009, 18:55

Hi,

Welcome to the BlueMedicine forums! Icon_smile

1. Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily [color=blue]disable such programs or permit them to allow the changes.[/color]

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

2. Download RSIT
Save it to your desktop.

Double click on RSIT to start the program.
Click Continue when the disclaimer window appears.
When the scan has been completed, two logfiles will be opened. Post the contents from log.txt (<<will be maximized) and info.txt (<<will be minimized) in your next reply.

AjLangevin · 02-12-2009, 22:05

Thank you for the reply!
Below is my MBAM log. However, I could not get RSIT to start. Whenever I double-click RSIT.exe, it pops up with an error that tells me that it's not a valid Win32 Application. I tried redownloading, but that didn't do anything. Here is my MBAM log anyway...

Malwarebytes' Anti-Malware 1.41
Database version: 3280
Windows 5.1.2600 Service Pack 2

12/2/2009 14:09:11
mbam-log-2009-12-02 (14-09-11).txt

Scan type: Quick Scan
Objects scanned: 123445
Time elapsed: 23 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 14
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\gamevance.linker.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7afdb136-8433-46af-9d8d-42ab37cccd0f} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9222ee90-928a-455e-9298-98d41f2f5ce3} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c9328120-16f7-4aa3-9408-60fd5bdcc37f} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d4ad2785-64dc-4c22-9c1d-62fa759ea137} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{5addfe10-9b32-4489-adc3-495750b7eaf9} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fdkowvbp.bosv (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataDisp32 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\SYSTEM32\clbdll.dl_ (Rootkit.Clbd) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

**Blackbird** · (Dit bericht is het laatst bewerkt op 02-12-2009 om 23:10 door Blackbird.)

Hi,

Ok, please try this instead: Icon_smile

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

AjLangevin · 03-12-2009, 02:50

OTL.txt:

OTL logfile created on: 12/2/2009 19:31:10 - Run 1
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Documents and Settings\Aynsley\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 203.63 Mb Available Physical Memory | 39.93% Memory free
1.21 Gb Paging File | 0.50 Gb Available in Paging File | 41.13% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.86 Gb Total Space | 5.82 Gb Free Space | 17.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 39.10 Mb Total Space | 31.85 Mb Free Space | 81.48% Space Free | Partition Type: FAT
Drive H: | 3.34 Gb Total Space | 0.33 Gb Free Space | 10.00% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Drive K: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive L: | 465.11 Gb Total Space | 320.14 Gb Free Space | 68.83% Space Free | Partition Type: NTFS

Computer Name: D3QPDQ71
Current User Name: Aynsley
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Aynsley\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe (WDC)
PRC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
PRC - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Styler\Styler.exe (ta2027)
PRC - C:\WINDOWS\SYSTEM32\igfxpers.exe (Intel Corporation)
PRC - C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\stardock\SDMCP.exe (Stardock)
PRC - C:\WINDOWS\SYSTEM32\HPZipm12.exe (HP)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Aynsley\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (Stardock Corporation)
MOD - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
MOD - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (Stardock.Net, Inc)
MOD - C:\WINDOWS\SYSTEM32\wbsys.dll (Stardock.Net, Inc)
MOD - C:\Program Files\Stardock\ObjectDock\DockShellHook.dll ()
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Styler\StylerHelper.dll (ta2027)
MOD - C:\WINDOWS\SYSTEM32\mfc42.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (PnkBstrA) -- File not found
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8emc) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (WDSmartWareBackgroundService) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (FileZilla Server) -- C:\Program Files\FileZilla Server\FileZilla Server.exe (FileZilla Project)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (WDBtnMgrSvc.exe) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe (WDC)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe (HP)
SRV - (NetSvc) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (tdrpman228) Acronis Try&Decide and Restore Points filter (build 228) -- C:\WINDOWS\system32\DRIVERS\tdrpm228.sys (Acronis)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\SYSTEM32\DRIVERS\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (GEARAspiWDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (SCRCAMHRDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\SCRCAMHRDRV.sys (Windows ® Server 2003 DDK provider)
DRV - (WDC_SAM) -- C:\WINDOWS\SYSTEM32\DRIVERS\wdcsam.sys (Western Digital Technologies)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (adfs) -- C:\WINDOWS\SYSTEM32\DRIVERS\adfs.sys (Adobe Systems, Inc.)
DRV - (mcdbus) -- C:\WINDOWS\SYSTEM32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys ()
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ()
DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (Cdralw2k) -- C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys (Sonic Solutions)
DRV - (Secdrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (dsunidrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (vmm) -- C:\WINDOWS\SYSTEM32\DRIVERS\VMM.sys (Microsoft Corporation)
DRV - (AVG Anti-Rootkit) -- C:\WINDOWS\System32\DRIVERS\avgarkt.sys (GRISOFT, s.r.o.)
DRV - (VPCNetS2) -- C:\WINDOWS\SYSTEM32\DRIVERS\VMNetSrv.sys (Microsoft Corporation)
DRV - (AvgArCln) -- C:\WINDOWS\SYSTEM32\DRIVERS\AvgArCln.sys (GRISOFT, s.r.o.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (ialm) -- C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (ASCTRM) -- C:\WINDOWS\SYSTEM32\DRIVERS\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (smwdm) -- C:\WINDOWS\SYSTEM32\DRIVERS\smwdm.sys (Analog Devices, Inc.)
DRV - (HPZid412) -- C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZius12) -- C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys (HP)
DRV - (HPZipr12) -- C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys (HP)
DRV - (CoachVc) -- C:\WINDOWS\SYSTEM32\DRIVERS\CoachVc.sys (FotoNation Inc.)
DRV - (CoachUsb) -- C:\WINDOWS\SYSTEM32\DRIVERS\CoachUsb.sys (FotoNation Inc.)
DRV - (senfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys (Creative Technology Ltd.)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (Ptilink) -- C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (symc810) -- C:\WINDOWS\SYSTEM32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS (NVIDIA Corporation)
DRV - (E100B) Intel® -- C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://au.youtube.com/
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.0.4
FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query="
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/11/03 09:40:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/20 14:10:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/02 20:41:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/09/20 14:10:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/09/28 18:01:12 | 00,000,000 | ---D | M]

[2009/05/25 15:24:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Extensions
[2009/05/25 15:24:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/06/05 18:24:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\2s3urar1.default\extensions
[2009/05/25 18:41:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\2s3urar1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2008/06/21 17:44:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\2s3urar1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/06/05 18:24:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\2s3urar1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/02/15 13:12:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\2s3urar1.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2007/09/18 19:25:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\2s3urar1.default\extensions\redshift_V2@shift-themes.com
[2009/09/16 20:10:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions
[2009/06/03 18:51:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/09/05 10:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/02/15 14:02:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/06/22 19:08:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/02/15 14:02:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/02/15 13:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/02/15 14:02:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\c2skpp3m.VOLKS\extensions\nasanightlaunch@example.com
[2008/08/29 17:33:30 | 00,002,108 | ---- | M] () -- C:\Documents and Settings\Aynsley\Application Data\Mozilla\Firefox\Profiles\2s3urar1.default\searchplugins\youtube-video-search.xml
[2009/09/16 20:10:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/02 20:41:34 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: (60 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - V:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll File not found
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - V:\Program Files\Adobe\Adobe Contribute CS4\contributeieplugin.dll File not found
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] V:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] V:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\SYSTEM32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\SYSTEM32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogonStudio] C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe (Stardock and Luca Saggese)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Recordpad] C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MemSkin+] C:\Program Files\MemSkin+\MemSkinP.exe (TheSteve Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe File not found
O4 - HKCU..\Run: [Mikogo] C:\Documents and Settings\Aynsley\Application Data\Mikogo\Mikogo-Host.exe (Mikogo)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [WindowBlinds] C:\Program Files\Stardock\Object Desktop\WindowBlinds\WBInstall32.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O4 - Startup: C:\Documents and Settings\Aynsley\Start Menu\Programs\Startup\Aim Interrupt.lnk = C:\Program Files\Aim Interrupt\Aim Interrupt.exe (nada)
O4 - Startup: C:\Documents and Settings\Aynsley\Start Menu\Programs\Startup\Oneeko.lnk = C:\Program Files\Oneeko\ONEEKO.EXE File not found
O4 - Startup: C:\Documents and Settings\Aynsley\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O4 - Startup: C:\Documents and Settings\Aynsley\Start Menu\Programs\Startup\Styler.lnk = C:\Documents and Settings\Aynsley\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll File not found
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Aynsley\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 36 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housec...hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e...vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstal...s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fla...rashim.cab (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMes...loader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/auto...s-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstal...s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} http://www.live365.com/players/play365.cab (Live365Player Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sho...wflash.cab (Shockwave Flash Object)
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://zone.msn.com/bingame/feed/default...uncher.cab (SproutLauncherCtrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\SYSTEM32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\MCPClient: DllName - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll - C:\Program Files\Common Files\stardock\MCPStub.dll (Stardock)
O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WBSrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\stardock\MCPCore.dll (Stardock)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/10/05 10:32:56 | 00,000,398 | ---- | M] () - G:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2004/10/05 10:32:56 | 00,000,398 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT ]
O32 - AutoRun File - [2004/05/20 17:05:22 | 00,001,858 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/06/18 16:12:18 | 00,000,088 | R--- | M] () - K:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (/r) - File not found
O34 - HKLM BootExecute: (\??\V Icon_smile

- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\Aynsley\Desktop\CAQFG1A3.
File not found -- C:\Documents and Settings\Aynsley\Desktop\CA7U8FZ1.
[2009/12/02 19:28:49 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aynsley\Desktop\OTL.exe
[2009/12/02 13:37:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Aynsley\Application Data\Malwarebytes
[2009/12/02 13:37:06 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/02 13:37:02 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/02 13:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/02 13:37:00 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/02 13:36:32 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Aynsley\Desktop\mbam-setup.exe
[2009/12/02 10:07:14 | 11,853,2552 | ---- | C] (Acronis) -- C:\Documents and Settings\Aynsley\Desktop\TrueImage2010_d_en.exe
[2009/12/02 08:42:04 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Aynsley\Desktop\HJTInstall.exe
[2009/11/30 21:06:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Aynsley\Desktop\December 09
[2009/11/27 12:40:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Aynsley\My Documents\New Folder
[2009/11/26 15:16:23 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/11/04 14:33:59 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/11/03 19:58:13 | 03,067,292 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des
[2009/11/03 19:57:50 | 00,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2009/11/03 19:57:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2009/11/03 11:10:44 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
[2009/11/03 10:07:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Aynsley\My Documents\Stardock
[2009/11/03 09:27:12 | 00,000,000 | ---D | C] -- C:\Program Files\WinCustomize
[2009/11/03 09:03:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Stardock
[2009/11/02 21:27:07 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.backup
[2009/11/02 20:42:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Aynsley\Local Settings\Application Data\PMB Files
[2009/11/02 20:42:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/11/02 20:41:15 | 00,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2006/11/17 17:18:00 | 00,095,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Aynsley\My Documents\*.tmp files -> C:\Documents and Settings\Aynsley\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Aynsley\Desktop\CAQFG1A3.
File not found -- C:\Documents and Settings\Aynsley\Desktop\CA7U8FZ1.
[2009/12/02 19:31:42 | 12,845,056 | -H-- | M] () -- C:\Documents and Settings\Aynsley\NTUSER.DAT
[2009/12/02 19:28:54 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aynsley\Desktop\OTL.exe
[2009/12/02 18:55:00 | 00,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2624424766-4292314798-2632519884-1007UA.job
[2009/12/02 17:08:35 | 46,070,418 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/02 17:08:35 | 00,111,793 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/02 15:28:48 | 00,037,888 | ---- | M] () -- C:\Documents and Settings\Aynsley\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/02 15:00:02 | 00,388,063 | ---- | M] () -- C:\Documents and Settings\Aynsley\Desktop\RSIT (1).exe
[2009/12/02 14:38:00 | 00,388,063 | ---- | M] () -- C:\Documents and Settings\Aynsley\Desktop\RSIT.exe
[2009/12/02 14:21:12 | 00,002,249 | ---- | M] () -- C:\Documents and Settings\Aynsley\Start Menu\Programs\Startup\Styler.lnk
[2009/12/02 14:18:52 | 00,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini
[2009/12/02 14:16:48 | 00,002,228 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/12/02 14:15:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/02 14:14:43 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/12/02 14:14:36 | 53,482,7008 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/02 14:12:54 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Aynsley\NTUSER.INI
[2009/12/02 13:37:23 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/02 13:36:33 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Aynsley\Desktop\mbam-setup.exe
[2009/12/02 10:09:07 | 11,853,2552 | ---- | M] (Acronis) -- C:\Documents and Settings\Aynsley\Desktop\TrueImage2010_d_en.exe
[2009/12/02 10:01:23 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\Aynsley\Desktop\dds.scr
[2009/12/02 08:42:16 | 00,001,738 | ---- | M] () -- C:\Documents and Settings\Aynsley\Desktop\HijackThis.lnk
[2009/12/02 08:42:04 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Aynsley\Desktop\HJTInstall.exe
[2009/12/02 07:33:59 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2009/12/02 07:33:59 | 00,000,004 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2009/12/01 22:55:02 | 00,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2624424766-4292314798-2632519884-1007Core.job
[2009/11/30 21:26:08 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Aynsley\Desktop\iTunes.lnk
[2009/11/30 18:48:33 | 02,458,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/27 02:08:26 | 00,109,856 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2009/11/25 20:57:15 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/25 03:02:36 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/22 12:47:11 | 00,001,024 | ---- | M] () -- C:\Documents and Settings\Aynsley\My Documents\Default.sfvidcap
[2009/11/21 22:35:13 | 00,022,936 | ---- | M] () -- C:\Documents and Settings\Aynsley\Desktop\Safterwaters.veg.bak
[2009/11/13 08:56:37 | 00,002,304 | ---- | M] () -- C:\Documents and Settings\Aynsley\Desktop\Google Chrome.lnk
[2009/11/12 03:12:58 | 00,000,930 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/11/03 18:27:46 | 01,847,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonuiX.exe
[2009/11/03 12:29:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\WB.ini
[2009/11/03 10:06:57 | 00,001,689 | ---- | M] () -- C:\Documents and Settings\Aynsley\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2009/11/03 09:23:24 | 00,000,805 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ObjectDock.lnk
[2009/11/02 21:27:08 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Aynsley\My Documents\*.tmp files -> C:\Documents and Settings\Aynsley\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/02 15:00:00 | 00,388,063 | ---- | C] () -- C:\Documents and Settings\Aynsley\Desktop\RSIT (1).exe
[2009/12/02 14:37:55 | 00,388,063 | ---- | C] () -- C:\Documents and Settings\Aynsley\Desktop\RSIT.exe
[2009/12/02 13:37:23 | 00,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/02 10:01:20 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\Aynsley\Desktop\dds.scr
[2009/12/02 08:42:16 | 00,001,738 | ---- | C] () -- C:\Documents and Settings\Aynsley\Desktop\HijackThis.lnk
[2009/11/21 09:38:05 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\Aynsley\Desktop\iTunes.lnk
[2009/11/18 22:02:40 | 00,022,936 | ---- | C] () -- C:\Documents and Settings\Aynsley\Desktop\Safterwaters.veg.bak
[2009/11/03 19:57:49 | 00,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2009/11/03 12:29:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2009/11/03 11:48:48 | 00,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2009/11/03 10:06:55 | 00,001,689 | ---- | C] () -- C:\Documents and Settings\Aynsley\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2009/11/03 09:27:16 | 00,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2009/11/03 09:23:24 | 00,000,805 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ObjectDock.lnk
[2009/07/23 12:56:38 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/07/23 12:56:38 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/07/23 01:41:37 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2009/01/31 12:03:47 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009/01/28 17:34:42 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/11/21 16:47:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/21 16:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/21 16:44:16 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/08/29 20:05:05 | 00,002,560 | ---- | C] () -- C:\WINDOWS\System32\AdobeLM.dll
[2008/08/29 20:05:05 | 00,002,048 | ---- | C] () -- C:\WINDOWS\System32\HHC.dll
[2008/08/29 20:05:05 | 00,002,048 | ---- | C] () -- C:\WINDOWS\System32\Adobelmsvc Installer.dll
[2008/07/28 18:22:09 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/07/24 17:44:07 | 10,531,328 | ---- | C] () -- C:\WINDOWS\System32\AfterFX.dll
[2008/05/23 13:45:56 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\mpglib.dll
[2008/05/12 17:50:15 | 00,000,049 | ---- | C] () -- C:\WINDOWS\WPControl.INI
[2008/05/01 05:16:22 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\vzcontextmenu.dll
[2008/03/13 18:30:21 | 00,000,215 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/01/18 08:36:15 | 00,000,122 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/27 09:47:30 | 00,014,221 | ---- | C] () -- C:\WINDOWS\System32\scrcap.dll
[2006/11/19 20:12:07 | 00,001,406 | ---- | C] () -- C:\WINDOWS\disney.ini
[2006/11/01 01:54:30 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/11/01 01:52:38 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/09/30 20:34:36 | 00,000,077 | ---- | C] () -- C:\WINDOWS\huffyuv.ini
[2006/07/16 18:58:06 | 00,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/05/18 17:06:34 | 00,000,185 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/05/18 17:05:37 | 00,000,256 | ---- | C] () -- C:\WINDOWS\PROVW.INI
[2006/05/18 17:05:36 | 00,000,673 | ---- | C] () -- C:\WINDOWS\KPSTUDIO.INI
[2006/03/13 19:09:23 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PestPatrol5.INI
[2006/02/23 07:56:26 | 00,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/01/26 15:23:21 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/01/16 19:07:33 | 00,006,753 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/11/20 18:09:06 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/08/16 17:57:01 | 00,037,888 | ---- | C] () -- C:\Documents and Settings\Aynsley\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/15 11:10:34 | 00,000,130 | ---- | C] () -- C:\Documents and Settings\Aynsley\Local Settings\Application Data\fusioncache.dat
[2005/08/15 11:03:50 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/15 10:38:47 | 00,012,275 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/07/18 13:26:07 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Aynsley\Application Data\PFP120JPR.{PB
[2005/07/18 13:26:07 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Aynsley\Application Data\PFP120JCM.{PB
[2005/06/16 22:52:50 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/16 22:10:06 | 00,000,299 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 13:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/17 19:36:00 | 00,482,816 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[1980/01/01 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== Files - Unicode (All) ==========
[2009/07/27 19:47:56 | 00,000,162 | ---- | M] ()(C:\WINDOWS\??????????????????????????????????) -- C:\WINDOWS\㩃䑜捯浵湥獴愠摮匠瑥楴杮屳祁獮敬屹灁汰捩瑡潩⁮慄慴坜湩浡屰楗慮灭椮楮
[2009/07/27 19:47:55 | 00,000,162 | ---- | C] ()(C:\WINDOWS\??????????????????????????????????) -- C:\WINDOWS\㩃䑜捯浵湥獴愠摮匠瑥楴杮屳祁獮敬屹灁汰捩瑡潩⁮慄慴坜湩浡屰楗慮灭椮楮

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9FA5EC55
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:820563D3
< End of report >

AjLangevin · 03-12-2009, 02:51

Extras.txt:

OTL Extras logfile created on: 12/2/2009 19:31:11 - Run 1
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Documents and Settings\Aynsley\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 203.63 Mb Available Physical Memory | 39.93% Memory free
1.21 Gb Paging File | 0.50 Gb Available in Paging File | 41.13% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.86 Gb Total Space | 5.82 Gb Free Space | 17.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 39.10 Mb Total Space | 31.85 Mb Free Space | 81.48% Space Free | Partition Type: FAT
Drive H: | 3.34 Gb Total Space | 0.33 Gb Free Space | 10.00% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Drive K: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive L: | 465.11 Gb Total Space | 320.14 Gb Free Space | 68.83% Space Free | Partition Type: NTFS

Computer Name: D3QPDQ71
Current User Name: Aynsley
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"14127:TCP" = 14127:TCP:*:Enabled:BitComet 14127 TCP
"14127:UDP" = 14127:UDP:*:Enabled:BitComet 14127 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS4 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS4 Server
"51000:TCP" = 51000:TCP:*:Enabled:Adobe Version Cue CS4 Server
"51001:TCP" = 51001:TCP:*:Enabled:Adobe Version Cue CS4 Server
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"56947:TCP" = 56947:TCP:*:Enabled:Pando Media Booster
"56947:UDP" = 56947:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\winav.exe" = %windir%\system32\winav.exe:*:Enabled:@xpsp2res.dll,-22019 -- File not found
"C:\WINDOWS\SYSTEM32\r_server.exe" = C:\WINDOWS\SYSTEM32\r_server.exe:*:Enabled:R Admin Server -- File not found
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"V:\Program Files\Veoh\VeohClient.exe" = V:\Program Files\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- File not found
"V:\Program Files\StepMania 4\Program\StepMania.exe" = V:\Program Files\StepMania 4\Program\StepMania.exe:*:Enabled:StepMania -- File not found
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- (Veoh Networks)
"V:\utorrent.exe" = V:\utorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server -- (Adobe Systems Incorporated)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Program Files\Common Files\AOL\1140699481\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1140699481\ee\aim6.exe:*:Enabled:AIM -- (America Online, Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"V:\Program Files\World of Warcraft\Launcher.exe" = V:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"V:\Program Files\World of Warcraft\BackgroundDownloader.exe" = V:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Aynsley\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Tencent\QQ Games\QQGames.exe" = C:\Program Files\Tencent\QQ Games\QQGames.exe:*:Enabled:QQ Games -- (Tencent America LLC)
"C:\Program Files\Tencent\QQ Games\QQGamesD.exe" = C:\Program Files\Tencent\QQ Games\QQGamesD.exe:*:Enabled:QQ Games Downloader -- ()
"C:\Program Files\Tencent\QQ Games\Update\Update.exe" = C:\Program Files\Tencent\QQ Games\Update\Update.exe:*:Enabled:QQ Games Updater -- ()
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Oneeko\ONEEKO.EXE" = C:\Program Files\Oneeko\ONEEKO.EXE:*:Enabled:ONEEKO -- File not found
"C:\Program Files\Aim Interrupt\Aim Interrupt.exe" = C:\Program Files\Aim Interrupt\Aim Interrupt.exe:*:Enabled:Aim Interrupt -- (nada)
"V:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe" = V:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"V:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe" = V:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"V:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe" = V:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"V:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe" = V:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files\Dragonmount Networks\dIRC\dIRC.exe" = C:\Program Files\Dragonmount Networks\dIRC\dIRC.exe:*:Enabled:An Internet Relay Chat client -- (Dragonmount Networks)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{171818BA-E0AD-313D-B45A-1BC9D77ADA86}" = YouTube Uploader
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup
"{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}" = TurboTax ItsDeductible 2005
"{2EEDDF31-D178-4280-AE13-0EE3504E97C9}" = Before You Know It 3.6 Deluxe
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{335CD6DC-E645-4949-A666-65F18E91CF97}" = Power Japanese
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{362F8AC6-4EA5-C5AC-ED7E-1F49F0EE20D5}" = TweetDeck
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4394DC3A-5DAC-4C80-A86E-FF462D0AD653}" = Windows 7 Upgrade Advisor Beta
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets
"{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}" = Adobe Setup
"{4F992562-C125-11D2-A6A5-00A0CC2434CD}" = Unitype Applications
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51B833D8-66B0-4E72-92B9-4E4977EF37F2}" = WD Drive Manager (x86)
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54266945-8A11-424D-B20F-4F747A714FBA}" = DV TS
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.1
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5FC4811E-29F4-4035-9274-43A16816152D}" = ArcSoft Funhouse 1.0
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{674E4631-2E9C-405C-820E-4E7C6A4BE070}" = Sony Vegas 5.0d
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6C85F81D-2FB7-480A-883C-E79E072C4599}" = LanguageNow - Japanese
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{805B2966-0CFB-4DD2-9307-B397C1EA4D14}" = Sony ACID Music Studio 6.0
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{878D2EB2-2D55-42A9-955E-1E08F28529FD}" = Sony Media Manager 2.2
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8CC42289-E228-4A35-B8A9-015242283BB2}" = SPORE™ Creature Creator
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95738B44-49CF-4C62-A620-320F1007B14A}" = SpiralFrog Download Manager 0.8.25
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{988E1C18-0DB9-46DB-85CC-1F94498E0BEA}" = Tourney Master 3 Professional
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B13F5727-F12F-4253-B6AD-26AFA880B709}" = Sony Media Manager 2.0
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B99459D2-B91A-417E-9DFA-F53D569F4445}_is1" = H.264 Encoder 1.5
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}" = Windows Vista Upgrade Advisor
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD6E2C22-D69A-457B-8EB3-74BFB139E1B4}" = Asshole
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D1E0E859-F46D-4708-A41D-ED90C0C1822A}" = Acronis True Image Home
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D4A2EF65-9888-4EFF-8EA0-A2D2C3152A29}" = Samsung USB Driver (MCCI 4.34) WHQL v3.4
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DB42270E-B4CA-7457-3D2B-E0B46AAEF819}" = twhirl
"{DD7A785B-45C9-4DDB-A726-0889F7A9C006}" = WD SmartWare
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{DFB951D6-4270-42D8-B4B7-AA4B01911DC3}" = Sony Vegas 7.0
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}" = Styler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{EC59BF9E-39D5-3108-A34B-12FB60ECAF8B}" = Google Talk Plugin
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1C9C7F7-0D56-40B2-A276-152762D39BCA}" = Adobe Setup
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"01-mp3search" = 01-mp3search 4.0
"102 Dalmatians Activity Center" = 102 Dalmatians Activity Center
"AC3ACM" = AC-3 ACM Codec
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_5d83aea83f5009a0d267d337e3f55fe" = Adobe After Effects CS3
"Adobe_a04a925a57548091300ada368235fc6" = Adobe Illustrator CS3
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Adobe_b7dd24a87e82dcf8af8876fd727b7cf" = Adobe After Effects CS3
"Aim Interrupt" = Aim Interrupt
"AIM MusicLink 4.0.0.0" = AIM MusicLink 4.0.0.0
"Aim Plugin for QQ Games" = Aim Plugin for QQ Games
"AIM Toolbar" = AIM Toolbar
"AIM_6" = AIM 6
"AIMTunes" = AIMTunes
"AMVApp" = AMVApp 3.0 beta
"AMVapp Audio Apps" = AMVapp Audio Apps 2.0
"AMVappSupportTools" = AMVapp Support Tools 2.0
"AskSBar Uninstall" = Ask Toolbar
"AVG8Uninstall" = AVG Free 8.5
"AVGantiRootkit" = AVG Anti-Rootkit Free
"AVI to DivX (AVI Codec Converter)_is1" = AVI to DivX 3.1.5
"Avidemux 2.4" = Avidemux 2.4
"AviSynth" = AviSynth 2.5
"Avisynth Filters" = Avisynth Filters 2.5x
"Belarc Advisor" = Belarc Advisor 7.2
"BitComet" = BitComet 0.98
"BitZip" = BitZip (remove only)
"BroadJump Client Foundation" = BroadJump Client Foundation
"CamStudio" = CamStudio
"CCleaner" = CCleaner (remove only)
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DesktopX" = DesktopX
"DGMPEGDec" = DGMPEGDec 1.4.9 beta12
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD-TO-AVI V2.2_is1" = DVD-TO-AVI V2.2
"DVDx_is1" = DVDx
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"Ewisoft Website builder_is1" = Ewisoft Website builder 2.2
"FeedDemon_is1" = FeedDemon
"ffdshow_is1" = ffdshow [rev 3026] [2009-07-05]
"FileZilla Server" = FileZilla Server (remove only)
"GameSpy Arcade" = GameSpy Arcade
"GCH Guitar academy" = GCH Guitar academy
"Google Video Uploader" = Google Video Uploader
"GoogleVideoPlayer" = Google Video Player
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Guitar-Online Tools - Tuner_is1" = Guitar-Online Tools - Tuner, version 2.1
"H264Tools" = H264 Tools 1.0
"HaaliMkx" = Haali Media Splitter
"Halo Trial" = Microsoft Halo Trial
"HandBrake" = HandBrake 0.9.3
"HelixYUVCodecs" = Helix YUV Codecs (remove only)
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.7
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"IconPackager" = IconPackager
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InfraRecorder" = InfraRecorder
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{988E1C18-0DB9-46DB-85CC-1F94498E0BEA}" = Tourney Master 3 Professional
"InstallShield_{D4A2EF65-9888-4EFF-8EA0-A2D2C3152A29}" = Samsung USB Driver (MCCI 4.34) WHQL v3.4
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"iPod Copy Expert_is1" = iPod Copy Expert 3.1.2
"Kid Pix Studio Deluxe 1.0" = Kid Pix Studio Deluxe
"LastFM_is1" = Last.fm 1.5.4.24567
"LimeWire" = LimeWire 5.1.3
"LogonStudio" = LogonStudio
"LosslessCodecs" = Lossless Codecs
"LUNA_US_090414" = LUNA Online v1.0.0
"MagicDisc 2.7.101" = MagicDisc 2.7.101
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Malwarebytes' RogueRemover FREE_is1" = Malwarebytes' RogueRemover
"MemSkin+" = MemSkin+
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mikogo" = Mikogo
"mIRC" = mIRC
"MKVtoolnix" = MKVtoolnix 2.4.0
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"Mozilla Thunderbird (2.0.0.19)" = Mozilla Thunderbird (2.0.0.19)
"MS-MPEG4" = Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"MSN Toolbar" = MSN Toolbar
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ObjectDock" = ObjectDock
"Oneeko" = Oneeko
"Orb" = Winamp Remote
"PeerGuardian_is1" = PeerGuardian 2.0
"PROSet" = Intel® PRO Network Adapters and Drivers
"QQ Games" = QQ Games
"RealPlayer 6.0" = RealPlayer Basic
"Recordpad" = RecordPad Sound Recorder
"Riva Producer Lite_is1" = Riva Producer Lite
"SMPlayer" = SMPlayer 0.6.7
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Soulseek2" = SoulSeek 157 NS 13c
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"Steam App 12910" = Audiosurf Demo
"StepMania" = StepMania (remove only)
"StepMania CVS" = StepMania CVS 4.0 (remove only)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SUPER ©" = SUPER © Version 2008.bld.32 (July 8, 2008)
"Switch" = Switch Sound File Converter
"The KMPlayer" = The KMPlayer (remove only)
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TurboTax 2008" = TurboTax 2008
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"Veoh Web Player Beta" = Veoh Web Player Beta
"vghd" = VirtuaGirl HD
"Video Edit Magic 4_is1" = Video Edit Magic 4.2
"ViewpointMediaPlayer" = Viewpoint Media Player
"VirtualDubMod" = VirtualDubMod 1.5.10.2
"VLC media player" = VideoLAN VLC media player 0.8.6f
"WavePad" = WavePad Sound Editor
"Webroot Parental Controls Remote Access Client" = Webroot Parental Controls Remote Access Client
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Thingy" = Winamp Thingy (remove only)
"Winamp Toolbar" = Winamp Toolbar
"WindowBlinds" = WindowBlinds
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"Xilisoft Video Converter" = Xilisoft Video Converter 3
"Xilisoft YouTube Video Converter" = Xilisoft YouTube Video Converter
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"xvid" = XviD MPEG-4 Video Codec
"Xvid_is1" = Xvid 1.1.2 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Customizations" = Yahoo! Browser Services
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager
"Youtube Video Downloader_is1" = Youtube Video Downloader 3.12
"YouTube Video Grabber_is1" = YouTube Video Grabber 1.22
"ZD Soft Screen Recorder" = ZD Soft Screen Recorder
"ZDSV" = ZD Soft Screen Video Decoder

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.2.1
"Google Chrome" = Google Chrome
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/30/2009 17:08:51 | Computer Name = D3QPDQ71 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module wblind.dll, version 6.4.0.0, fault address 0x0006ec44.

Error - 11/30/2009 17:08:55 | Computer Name = D3QPDQ71 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module , version 0.0.0.0, fault address 0x00000000.

Error - 11/30/2009 17:08:57 | Computer Name = D3QPDQ71 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module , version 0.0.0.0, fault address 0x00000000.

Error - 11/30/2009 19:48:54 | Computer Name = D3QPDQ71 | Source = PerfDisk | ID = 2001
Description = Unable to read the disk performance information from the system. Disk
performance counters must be enabled for at least one physical disk or logical volume
in order for these counters to appear. Disk performance counters can be enabled
by using the Hardware Device Manager property pages. Status code returned is data
DWORD 0.

Error - 11/30/2009 19:49:31 | Computer Name = D3QPDQ71 | Source = PerfDisk | ID = 2001
Description = Unable to read the disk performance information from the system. Disk
performance counters must be enabled for at least one physical disk or logical volume
in order for these counters to appear. Disk performance counters can be enabled
by using the Hardware Device Manager property pages. Status code returned is data
DWORD 0.

Error - 12/1/2009 17:48:03 | Computer Name = D3QPDQ71 | Source = PerfDisk | ID = 2001
Description = Unable to read the disk performance information from the system. Disk
performance counters must be enabled for at least one physical disk or logical volume
in order for these counters to appear. Disk performance counters can be enabled
by using the Hardware Device Manager property pages. Status code returned is data
DWORD 0.

Error - 12/2/2009 09:19:22 | Computer Name = D3QPDQ71 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module unknown, version 0.0.0.0, fault address 0x6603d0d7.

Error - 12/2/2009 14:38:11 | Computer Name = D3QPDQ71 | Source = MsiInstaller | ID = 11706
Description = Product: Adobe Acrobat 9 Pro - English, Français, Deutsch -- Error
1706.No valid source could be found for product Adobe Acrobat 9 Pro - English,
Français, Deutsch. The Windows Installer cannot continue.

Error - 12/2/2009 14:39:50 | Computer Name = D3QPDQ71 | Source = MsiInstaller | ID = 11706
Description = Product: Adobe Acrobat 9 Pro - English, Français, Deutsch -- Error
1706.No valid source could be found for product Adobe Acrobat 9 Pro - English,
Français, Deutsch. The Windows Installer cannot continue.

Error - 12/2/2009 15:15:36 | Computer Name = D3QPDQ71 | Source = PerfDisk | ID = 2001
Description = Unable to read the disk performance information from the system. Disk
performance counters must be enabled for at least one physical disk or logical volume
in order for these counters to appear. Disk performance counters can be enabled
by using the Hardware Device Manager property pages. Status code returned is data
DWORD 0.

[ System Events ]
Error - 12/2/2009 09:17:50 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7034
Description = The COM+ Event System service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/2/2009 09:17:50 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7031
Description = The Help and Support service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 100 milliseconds:
Restart the service.

Error - 12/2/2009 09:17:50 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7034
Description = The Server service terminated unexpectedly. It has done this 1 time(s).

Error - 12/2/2009 09:18:12 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Windows Management Instrumentation
service, but this action failed with the following error: %%1056

Error - 12/2/2009 11:19:16 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7034
Description = The AVG Free8 E-mail Scanner service terminated unexpectedly. It
has done this 1 time(s).

Error - 12/2/2009 11:19:16 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7031
Description = The AVG Free8 WatchDog service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.

Error - 12/2/2009 11:24:56 | Computer Name = D3QPDQ71 | Source = Removable Storage Service | ID = 262159
Description = RSM cannot manage library PhysicalDrive2. The database is corrupt.

Error - 12/2/2009 15:16:25 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7000
Description = The PunkBuster service failed to start due to the following error:
%%3

Error - 12/2/2009 15:16:31 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Cdr4_xp

Error - 12/2/2009 15:21:16 | Computer Name = D3QPDQ71 | Source = Service Control Manager | ID = 7034
Description = The FileZilla Server FTP server service terminated unexpectedly.
It has done this 1 time(s).

< End of report >

**Blackbird** · 03-12-2009, 16:27

Hi,

Please do this:

Please download GMER from one of the following locations and save it to your desktop:

Main Mirror
This version will download a randomly named file (Recommended)
Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

Disconnect from the Internet and close all running programs.
Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.
Exit GMER and re-enable all active protection when done.

-- If you encounter any problems, try running GMER in [color=blue]Safe Mode[/color].

AjLangevin · (Dit bericht is het laatst bewerkt op 04-12-2009 om 02:08 door AjLangevin.)

gmer.txt: Part 1

GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-12-03 17:58:47
Windows 5.1.2600 Service Pack 2
Running: trrdxzl5.exe; Driver: C:\DOCUME~1\Aynsley\LOCALS~1\Temp\afdoapoc.sys

---- System - GMER 1.0.15 ----

SSDT spih.sys ZwCreateKey [0xF86890E0]
SSDT spih.sys ZwEnumerateKey [0xF86A7CA2]
SSDT spih.sys ZwEnumerateValueKey [0xF86A8030]
SSDT spih.sys ZwOpenKey [0xF86890C0]
SSDT spih.sys ZwQueryKey [0xF86A8108]
SSDT spih.sys ZwQueryValueKey [0xF86A7F88]
SSDT spih.sys ZwSetValueKey [0xF86A819A]

INT 0x62 ? 82B69BF8
INT 0x63 ? 82A35BF8
INT 0x82 ? 82B69BF8
INT 0x83 ? 82A35BF8
INT 0x83 ? 82A35BF8
INT 0xB4 ? 82A35BF8

---- Kernel code sections - GMER 1.0.15 ----

? spih.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload F802462C 5 Bytes JMP 82A351D8
init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF7EF4F80]
.text aepvj6r6.SYS F7E3A386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text aepvj6r6.SYS F7E3A3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text aepvj6r6.SYS F7E3A3C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text aepvj6r6.SYS F7E3A3C9 1 Byte [2E]
.text aepvj6r6.SYS F7E3A3C9 11 Bytes [2E, 00, 00, 00, 5C, 02, 00, ...] {ADD CS:[EAX], AL; ADD [EDX+EAX+0x0], BL; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Pando Networks\Media Booster\PMB.exe[1760] kernel32.dll!SetUnhandledExceptionFilter 7C8447ED 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 82B6C2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F86BAC4C] spih.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F86BACA0] spih.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F868A040] spih.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F868A13C] spih.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F868A0BE] spih.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F868A7FC] spih.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F868A6D2] spih.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 82A352D8
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F869A048] spih.sys
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlInitUnicodeString] 0975013E
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!swprintf] 1B42E853
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeSetEvent] C4830000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoCreateSymbolicLink] B05E5F04
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoGetConfigurationInformation] E58B5B01
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] CCCCC35D
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmFreeMappingAddress] CCCCCCCC
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 53EC8B55
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 08758B56
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmUnmapIoSpace] 0214BE83
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 57000000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IofCompleteRequest] 45C60674
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 1EEB010B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IofCallDriver] 020C868B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmAllocateMappingAddress] C0850000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 808A1074
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoConnectInterrupt] 00000804
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoDetachDevice] A03CF024
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeWaitForSingleObject] 0B45950F
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeInitializeEvent] 45C604EB
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 458A000B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlInitAnsiString] 88C0840B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 840F0946
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoQueueWorkItem] 000000C1
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmMapIoSpace] 14B30E8B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 1C8286C6
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoReportDetectedDevice] 88010000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoReportResourceForDetection] 001C859E
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] A19E8800
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!NlsMbCodePageTag] C600001C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!PoRequestPowerIrp] 001C8686
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 86C60100
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 00001CA2
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!sprintf] 70518B01
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 8D52006A
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ObfDereferenceObject] 001C8886
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 55E85000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 8B000023
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ZwClose] 70518B0E
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] 8D52016A
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 001CA486
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 41E85000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 8B000023
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!PoCallDriver] 18C4830E
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoCreateDevice] 1C8D9E88
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 9E880000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 00001CA9
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ZwOpenKey] 0E798366
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 74AAB000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoStartTimer] 8186C636
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeInitializeTimer] 1A00001C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoInitializeTimer] 1C8386C6
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeInitializeDpc] C6020000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeInitializeSpinLock] 001C8E86
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoInitializeIrp] 86C60200
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ZwCreateKey] 00001CAA
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 959E8802
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 8800001C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ZwSetValueKey] 001CB19E
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeInsertQueueDpc] 96868800
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 8800001C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoStartPacket] 001CB286
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] C61AEB00
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 001C8186
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoFreeMdl] 86C61200
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmUnlockPages] 00001C83
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 8E868801
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 8800001C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 001CAA86
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 80968B00
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeSynchronizeExecution] 8900001C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoStartNextPacket] 001C9C96
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeBugCheckEx] C6168B00
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 001CB986
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeSetTimer] 428A0A00
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeCancelTimer] BA86880C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!_allmul] 8B00001C
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmProbeAndLockPages] 24A48DFA
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!_except_handler3] 00000000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!PoSetPowerState] 4B8BDF8B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 8D3F0304
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlWriteRegistryValue] CB033043
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!_aulldiv] 0673C13B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!strstr] C13B0003
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!_strupr] 8366FA72
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeQuerySystemTime] 75000E7B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 0B7D80E3
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!KeTickCount] 307B8D00
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 00AA840F
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoDeleteDevice] 83660000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 6A000E7A
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoAllocateWorkItem] C6647400
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoAllocateIrp] 001CBB86
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoAllocateMdl] 4F8B0200
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 968D5140
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmLockPagableDataSection] 00001C90
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 2266E852
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 478B0000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!ExFreePoolWithTag] 50016A40
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoFreeIrp] 1CAC8E8D
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!IoFreeWorkItem] E8510000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!InitSafeBootMode] 00002254
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlCompareMemory] 6A18538B
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 868D5200
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!memmove] 00001C98
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[ntoskrnl.exe!MmHighestUserAddress] 2242E850
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!KfAcquireSpinLock] 8A000002
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!READ_PORT_UCHAR] 83880846
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!KeGetCurrentIrql] 000001C0
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!KfRaiseIrql] 2C4EB70F
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!KfLowerIrql] 8303C183
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!HalGetInterruptVector] D103FCE1
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!HalTranslateBusAddress] 2E7E8366
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!KeStallExecutionProcessor] 8D1C7400
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!KfReleaseSpinLock] 83893204
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 00000218
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!READ_PORT_USHORT] 2E4EB70F
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 021C8B89
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[HAL.dll!WRITE_PORT_UCHAR] B70F0000
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[WMILIB.SYS!WmiSystemControl] 03D00304
IAT \SystemRoot\System32\Drivers\aepvj6r6.SYS[WMILIB.SYS!WmiCompleteRequest] 0CB389F2

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[600] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Styler\Styler.exe[1352] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[1608] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1628] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [66043458] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [6604345E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [660434B5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!SetWindowPlacement] [66603F0E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!LoadImageW] [66042415] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!TrackPopupMenuEx] [6604357B] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!TrackPopupMenu] [66043532] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll (WindowBlinds (32 bit XP)/Stardock Corporation)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[1692] @ C:\WINDOWS\Explorer.EXE [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

AjLangevin · (Dit bericht is het laatst bewerkt op 04-12-2009 om 02:12 door AjLangevin.)

It's too large to paste. I am going to attach it in my next post.

AjLangevin · 04-12-2009, 02:14

Here is a link to download the text file. It took more than two posts to paste in, and went on for much longer, and also was very hard to figure out where to begin the next paste from. It is hosted on Sendspace, just click the download link at the bottom of the page.

http://www.sendspace.com/file/rqp1uu

**Blackbird** · 04-12-2009, 16:12

Hi,

Start MalwareBytes' Anti-Malware
Click on the Update tab, and update the program.
Then, click on the Scanner tab, and select Perform Full scan
Now, click the scan button.

Wait untill the scan is finished. Delete everything that has been found.
Please post the logfile in your next reply.

Also please post a new OTL logfile. Icon_smile