Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Possible Keylogger?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Possible Keylogger?

Unread postby Menzobarb » January 10th, 2009, 4:33 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:31:31 PM, on 1/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 66.232.112.194 l2authd.lineage2.com
O1 - Hosts: 66.232.112.194 l2testauthd.lineage2.com
O1 - Hosts: 66.232.112.194 l2patcher.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 8214 bytes
Menzobarb
Active Member
 
Posts: 5
Joined: January 10th, 2009, 4:30 pm
Top
Advertisement
Register to Remove

Re: Possible Keylogger?

Unread postby jmw3 » January 18th, 2009, 4:25 am

Welcome Menzobarb

Apologies for the late reply. As you can appreciate the boards are quite busy. If you still require help with your computer problem could you do the following:

Random's System Information Tool (RSIT)
  • Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.
  • Right click on RSIT.exe to run the tool
  • Click Continue at the disclaimer screen
  • Once it has finished, two logs will open, log.txt (<<will be maximized) and info.txt (<<will be minimized)
  • Copy & paste the contents of both logs in your next reply
If info.txt does not minimise to the Task Bar, you will find it in C:\rsit
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: Possible Keylogger?

Unread postby Menzobarb » January 18th, 2009, 5:55 pm

Log.txt

Logfile of random's system information tool 1.05 (written by random/random)
Run by Menzo at 2009-01-18 13:51:12
Microsoft Windows XP Professional Service Pack 3
System drive C: has 182 GB (61%) free of 300 GB
Total RAM: 3069 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:51:34 PM, on 1/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Documents and Settings\Menzo\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Menzo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 66.232.112.194 l2authd.lineage2.com
O1 - Hosts: 66.232.112.194 l2testauthd.lineage2.com
O1 - Hosts: 66.232.112.194 l2patcher.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 8802 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B9F5787-88A5-4945-90E7-C4B18563BC5E}]
KeyScramblerBHO Class - C:\Program Files\KeyScrambler\KeyScramblerIE.dll [2009-01-12 804840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL [2008-10-12 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-08 683464]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-08-02 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-08-02 13570048]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-06-06 50528]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2008-04-11 110592]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"CursorXP"=C:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2008-12-13 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX"
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\World of Warcraft\WoW-2.3.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.3.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\WINDOWS\ehome\ehshell.exe"="C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX"
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe


======List of files/folders created in the last 1 months======

2009-01-18 13:51:12 ----D---- C:\rsit
2009-01-14 09:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-12 02:27:43 ----D---- C:\Program Files\KeyScrambler
2009-01-10 11:42:12 ----D---- C:\Program Files\Trend Micro
2008-12-30 21:45:37 ----A---- C:\Documents and Settings\Menzo\Application Data\inst.exe
2008-12-30 21:45:36 ----D---- C:\Documents and Settings\Menzo\Application Data\Vso
2008-12-30 21:45:22 ----D---- C:\Program Files\DVDFab 5
2008-12-28 13:06:02 ----A---- C:\WINDOWS\DIIUnin.exe
2008-12-27 20:57:59 ----D---- C:\Movies
2008-12-26 19:36:01 ----D---- C:\Program Files\Hades' Game Loader

======List of files/folders modified in the last 1 months======

2009-01-18 13:51:20 ----D---- C:\WINDOWS\Prefetch
2009-01-18 08:48:36 ----D---- C:\WINDOWS\Temp
2009-01-17 22:46:42 ----D---- C:\Program Files\Mozilla Firefox
2009-01-14 11:06:07 ----D---- C:\WINDOWS
2009-01-14 09:12:32 ----D---- C:\WINDOWS\system32
2009-01-14 09:12:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-14 09:08:31 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-14 09:08:31 ----D---- C:\WINDOWS\Registration
2009-01-14 09:07:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-14 09:01:50 ----HD---- C:\WINDOWS\inf
2009-01-14 09:01:45 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-01-14 09:01:45 ----D---- C:\WINDOWS\system32\drivers
2009-01-14 09:01:40 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-13 15:22:21 ----D---- C:\Program Files\World of Warcraft
2009-01-12 02:27:43 ----RD---- C:\Program Files
2009-01-10 12:46:40 ----D---- C:\Documents and Settings\Menzo\Application Data\LimeWire
2009-01-10 10:48:04 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-10 02:24:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-09 17:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-09 03:30:01 ----D---- C:\MDT
2009-01-01 04:18:53 ----D---- C:\Program Files\Diablo II
2008-12-30 23:58:02 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-12-28 14:38:22 ----D---- C:\WINDOWS\Minidump
2008-12-27 20:58:43 ----D---- C:\NVIDIA
2008-12-19 15:24:13 ----D---- C:\Documents and Settings\Menzo\Application Data\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NAV\1002000.007\BHDrvx86.sys [2008-12-05 255536]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NAV\1002000.007\ccHPx86.sys [2008-10-12 362544]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090115.001\IDSxpx86.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\System32\Drivers\NAV\1002000.007\SRTSPX.SYS [2008-12-05 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMTDI.SYS [2008-12-05 198192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\WINDOWS\nvflash.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-04-24 160256]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-11-08 502272]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-11-08 439680]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-11-08 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2005-11-08 143360]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2005-11-08 77824]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-02-14 1096192]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KeyScrambler;KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [2008-06-24 113896]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-07-17 34960]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-07-17 36240]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090118.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090118.003\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-02 6121856]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2005-11-08 114688]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-30 47360]
R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-02-14 469696]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SRTSP.SYS [2008-12-05 306736]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMDNS.SYS [2008-12-05 12976]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMFW.SYS [2008-12-05 89904]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMIDS.SYS [2008-12-05 34608]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-05 36272]
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMNDIS.SYS [2008-12-05 37424]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMREDRV.SYS [2008-12-05 24624]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 a1ihlru1;a1ihlru1; C:\WINDOWS\system32\drivers\a1ihlru1.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\WINDOWS\system32\COMMONFX.DLL [2005-11-08 87040]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\WINDOWS\system32\CT20XUT.DLL [2005-11-08 158208]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\WINDOWS\system32\CTAUDFX.DLL [2005-11-08 536576]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-07-12 340704]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\WINDOWS\system32\CTEAPSFX.DLL [2005-11-08 157696]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\WINDOWS\system32\CTEDSPFX.DLL []
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\WINDOWS\system32\CTEDSPIO.DLL []
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\WINDOWS\system32\CTEDSPSY.DLL []
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\WINDOWS\system32\CTERFXFX.DLL []
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\WINDOWS\system32\CTEXFIFX.DLL [2005-11-08 1160192]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\WINDOWS\system32\CTHWIUT.DLL [2005-11-08 61952]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\WINDOWS\system32\CTSBLFX.DLL [2005-11-08 548352]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pmxmouse;PMXMOUSE; C:\WINDOWS\system32\DRIVERS\pmxmouse.sys [2007-06-01 18432]
S3 pmxusblf;PMXUSBLF; C:\WINDOWS\system32\DRIVERS\pmxusblf.sys [2007-05-24 14336]
S3 QWAVEDRV;QWAVE driver; C:\WINDOWS\system32\DRIVERS\qwavedrv.sys [2005-10-20 14336]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-05 36272]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-17 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-03-07 417792]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-10-20 96256]
R2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe [2008-12-05 115560]
R2 nTuneService;Performance Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2008-04-11 155648]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-08-02 163908]
R2 RMSvc;Media Center Extender Resource Monitor; C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 28160]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2008-03-13 114688]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-09-25 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 QWAVE;QWAVE service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe []
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

Info.txt

info.txt logfile of random's system information tool 1.05 2009-01-18 13:51:36

======Uninstall list======

-->MsiExec /X{699BAC7F-DC10-4709-97D8-45379301BBE7}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\SETUP.EXE" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\SETUP.EXE" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Advanced Decoder Patch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46C73DE4-E96D-4F7C-8371-F28052183B12}\setup.exe" -l0x9
AIM 6-->C:\Program Files\AIM6\uninst.exe
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AutoHotkey 1.0.47.06-->C:\Program Files\AutoHotkey\uninst.exe
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom Management Programs-->MsiExec.exe /X{C99C0593-3B48-41D9-B42F-6E035B320449}
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Combined Community Codec Pack 2008-01-24-->"C:\Program Files\Combined Community Codec Pack\unins001.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative MediaSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\setup.exe" -l0x9 /remove
CursorXP-->C:\Program Files\CursorXP\CurXPUtil.exe -u
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Dell Support Center (Support Software)-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
Documentation & Support Launcher-->MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.2.2-->"C:\Program Files\DVDFab 5\unins000.exe"
er100LT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Games, Music, & Photos Launcher-->MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
Guild Wars-->"C:\Program Files\Guild Wars\Gw.exe" -uninstall
Hades' Game Loader-->C:\Program Files\Hades' Game Loader\Uninstaller.exe
Hero Editor V0.95-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Hero Editor\ST6UNST.LOG"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
IconPackager-->C:\PROGRA~1\Stardock\OBJECT~1\ICONPA~1\iconpackager.exe /uninstallwise
Internet Service Offers Launcher-->MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
KeyScrambler-->C:\Program Files\KeyScrambler\uninstall.exe
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{466B21EE-2858-4845-B2B3-056FC544DAA3}
Logitech SetPoint 5.00-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9}
Logitech® Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Center Extender-->c:\WINDOWS\eHome\DvcConn.exe /uninstall
Media Center Extender-->MsiExec.exe /I{23FE964A-853B-4176-86D7-9E18B5CA1FC0}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mouse Suite for Desktop Computers-->C:\Program Files\InstallShield Installation Information\{448E2D77-E504-4221-B2C2-93646B344729}\setup.exe -runfromtemp -l0x0009 -removeonly
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\16.2.0.7\InstStub.exe /X
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA Performance-->"C:\Program Files\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -runfromtemp -l0x0409 -removeonly
NVIDIA Performance-->MsiExec.exe /I{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
NVIDIA PhysX v8.08.01-->MsiExec.exe /X{699BAC7F-DC10-4709-97D8-45379301BBE7}
NVIDIA System Monitor-->"C:\Program Files\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -runfromtemp -l0x0409 -removeonly
NVIDIA System Monitor-->MsiExec.exe /I{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}
NVIDIA System Update-->"C:\Program Files\InstallShield Installation Information\{6F69C969-2942-4E7B-B594-75B37664B8BA}\setup.exe" -runfromtemp -l0x0409 -removeonly
NVIDIA System Update-->MsiExec.exe /I{6F69C969-2942-4E7B-B594-75B37664B8BA}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x9 -cluninstall
QuickSet-->C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe -runfromtemp -l0x0009 APPDRVNT4 -removeonly
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
Security Update for Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sound Blaster X-Fi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\setup.exe" -l0x9 /remove
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Warhammer Online: Age of Reckoning Beta-->C:\Documents and Settings\Menzo\Desktop\WarhammerOnline_Beta_encr\uninst2.exe
Winamp Toolbar for Firefox-->"C:\Documents and Settings\Menzo\Application Data\Mozilla\Firefox\Profiles\3nf86wq0.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp Toolbar for Internet Explorer-->"C:\Program Files\Winamp Toolbar\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WindowBlinds-->C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]-->C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB905589-->"C:\WINDOWS\$NtUninstallKB905589$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

66.232.112.194 l2authd.lineage2.com
66.232.112.194 l2testauthd.lineage2.com
66.232.112.194 l2patcher.lineage2.com
216.107.250.194 nprotect.lineage2.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com

======Security center information======

AV: Norton AntiVirus
FW: Norton AntiVirus

System event log

Computer Name: SMEXYNESS
Event Code: 7036
Message: The LiveUpdate service entered the stopped state.

Record Number: 5408
Source Name: Service Control Manager
Time Written: 20080916225917.000000-420
Event Type: information
User:

Computer Name: SMEXYNESS
Event Code: 7036
Message: The LiveUpdate service entered the running state.

Record Number: 5407
Source Name: Service Control Manager
Time Written: 20080916225900.000000-420
Event Type: information
User:

Computer Name: SMEXYNESS
Event Code: 7035
Message: The LiveUpdate service was successfully sent a start control.

Record Number: 5406
Source Name: Service Control Manager
Time Written: 20080916225900.000000-420
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: SMEXYNESS
Event Code: 7036
Message: The LiveUpdate service entered the stopped state.

Record Number: 5405
Source Name: Service Control Manager
Time Written: 20080916191007.000000-420
Event Type: information
User:

Computer Name: SMEXYNESS
Event Code: 7036
Message: The LiveUpdate service entered the running state.

Record Number: 5404
Source Name: Service Control Manager
Time Written: 20080916190835.000000-420
Event Type: information
User:

Application event log

Computer Name: SMEXYNESS
Event Code: 700
Message: MsnMsgr (608) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\Menzo\Local Settings\Application Data\Microsoft\Messenger\menzobarb@hotmail.com\SharingMetadata\Working\database_8E04_10BB_410_A7EB\dfsr.db'.

Record Number: 11657
Source Name: ESENT
Time Written: 20081223080011.000000-480
Event Type: information
User:

Computer Name: SMEXYNESS
Event Code: 701
Message: MsnMsgr (608) Online defragmentation has completed a full pass on database '\\.\C:\Documents and Settings\Menzo\Local Settings\Application Data\Microsoft\Messenger\menzobarb@hotmail.com\SharingMetadata\Working\database_8E04_10BB_410_A7EB\dfsr.db'.

Record Number: 11656
Source Name: ESENT
Time Written: 20081223070011.000000-480
Event Type: information
User:

Computer Name: SMEXYNESS
Event Code: 700
Message: MsnMsgr (608) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\Menzo\Local Settings\Application Data\Microsoft\Messenger\menzobarb@hotmail.com\SharingMetadata\Working\database_8E04_10BB_410_A7EB\dfsr.db'.

Record Number: 11655
Source Name: ESENT
Time Written: 20081223070011.000000-480
Event Type: information
User:

Computer Name: SMEXYNESS
Event Code: 701
Message: MsnMsgr (608) Online defragmentation has completed a full pass on database '\\.\C:\Documents and Settings\Menzo\Local Settings\Application Data\Microsoft\Messenger\menzobarb@hotmail.com\SharingMetadata\Working\database_8E04_10BB_410_A7EB\dfsr.db'.

Record Number: 11654
Source Name: ESENT
Time Written: 20081223060011.000000-480
Event Type: information
User:

Computer Name: SMEXYNESS
Event Code: 700
Message: MsnMsgr (608) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\Menzo\Local Settings\Application Data\Microsoft\Messenger\menzobarb@hotmail.com\SharingMetadata\Working\database_8E04_10BB_410_A7EB\dfsr.db'.

Record Number: 11653
Source Name: ESENT
Time Written: 20081223060011.000000-480
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
Menzobarb
Active Member
 
Posts: 5
Joined: January 10th, 2009, 4:30 pm
Top

Re: Possible Keylogger?

Unread postby jmw3 » January 19th, 2009, 2:44 am

Hi
Nothing really jumping out at me here. What makes you think there is a keylogger on board?

These hosts file entires:
O1 - Hosts: 66.232.112.194 l2authd.lineage2.com
O1 - Hosts: 66.232.112.194 l2testauthd.lineage2.com
O1 - Hosts: 66.232.112.194 l2patcher.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
Did you enter those yourself?

Upload Files for Scanning
Go to VirSCAN or VirusTotal
(Just use one or the other. No need to use both.)

If you use VirSCAN click Browse
In the File Upload box that opens navigate to C:\WINDOWS\system32\drivers\a1ihlru1.sys, & double click on a1ihlru1.sys
Then click Upload
Wait for scans to finish then copy & paste the results into your next reply

If you use VirusTotal click Browse
In the Choose File box that opens navigate to C:\WINDOWS\system32\drivers\a1ihlru1.sys, & double click on a1ihlru1.sys
Then click Send File
Wait for scans to finish then copy & paste the results into your next reply

Remove Programs
Click Start > Control Panel > Add/Remove Programs
Remove these programs by clicking Remove

Browser Address Error Redirector
DAEMON Tools Toolbar

If some programs listed are not present, please do not panic

Fix HiJackThis Entries
  • Open HiJackThis
  • Click on Do a system scan only
  • Place a checkmark next to these lines(if still present):
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

  • Close all windows except Hijackthis and click Fix Checked
  • Click Yes when prompted
  • Close HijackThis.
Update Java Runtime
You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program
up to date, and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 11.
JavaRa
Download JavaRa and unzip it to your desktop.
***Please close any instances of Internet Explorer before continuing!***
  • Double-click on JavaRa.exe to start the program
  • From the drop-down menu, choose English and click on Select
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK
  • A logfile will pop up. Save it to a convenient location
  • Click on Additional Tasks then tick Remove Useless JRE Files
  • Click Go then OK when prompted & close the program
  • Click Start > Control Panel > Add/Remove Programs, look for any old versions of Java that may have been missed. If found remove them
Update Java Runtime
  • Go to http://java.sun.com/javase/downloads/index.jsp
  • Scroll down to Java Runtime Environment (JRE) 6 Update 11 and click on the Download button
  • In the Platform box choose Windows
  • Check the box to Accept License Agreement and click Continue
  • Click on Windows Offline Installation, click on the link under it which says "jre-6u11-windows-i586-p.exe" and save the downloaded file to your desktop
  • Install the new version by running the downloaded file with the Java icon & follow the on-screen instructions
ATF Cleaner
Download ATF Cleaner here by Atribune.
    Double-click ATF-Cleaner.exe to run the program
    Under Main choose: Select All
    Click the Empty Selected button
If you use Firefox browser
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you would like to keep your saved passwords, please click No at the prompt
If you use Opera browser
    Click Opera at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you would like to keep your saved passwords, please click No at the prompt
Click Exit on the Main menu to close the program.

Reboot your computer.

I see you have Malwarebytes' Anti-Malware. Let's give that a run. Ensure it is fully updated to the latest version & definitions ( v1.33, def 1666 at the time of this post)
  • Under the Scanner tab select Perform full scan, then click Scan
  • When the scan is complete, click OK, then Show Results to view the results
  • Be sure that everything is checked, and click Remove Selected
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
    Note:
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when Malwarebytes' Anti-Malware is started.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.
If you receive an (Error Loading) error on reboot please reboot a second time . It is normal for this error to occur once and does not need to be reported unless it returns on future reboots.

Kaspersky Online Scan
Do an online scan with >Kaspersky Online Scanner<
  • Read through the requirements and privacy statement and click on Accept button
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run
  • When the downloads have finished, click on Settings
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan
  • Once the scan is complete, it will display the results. Click on View Scan Report
  • You will see a list of infected items there. Click on Save Report As...
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button
  • Please post this log in your next reply
To post in next reply:
Results from either VirSCAN or VirusTotal
Malwarebytes log
Kaspersky Scan log
New RSIT log (it will only produce one log this time)
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: Possible Keylogger?

Unread postby Menzobarb » January 19th, 2009, 9:13 pm

A couple months back my WoW account was hacked through a keylogger. I ran Ad-Aware, Malwarebyte's Anti-Malware, Spybot Search & Destroy, and Norton 2008 and had no further problems. Recently my bank account was hit with some fraudulent charges and I ran it all again and cleared everything that showed up. But I want to be sure that i got it all.

And I did manually add the hosts about a year ago.

The VirScan and VirusTotal's could not find the directory you listed.

MBAM:

Malwarebytes' Anti-Malware 1.33
Database version: 1668
Windows 5.1.2600 Service Pack 3

1/19/2009 5:00:43 PM
mbam-log-2009-01-19 (17-00-43).txt

Scan type: Full Scan (C:\|)
Objects scanned: 126915
Time elapsed: 1 hour(s), 26 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

KasperSky: (I forgot to change the file type so I copy and pasted what was in the file it saved)

Monday, January 19, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, January 19, 2009 17:10:23
Records in database: 1648886
Scan settings
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area: My Computer
C:\
D:\
E:\
F:\
Scan statistics
Files scanned 76152
Threat name 2
Infected objects 2
Suspicious objects 0
Duration of the scan 01:38:54

File name Threat name Threats count
C:\Documents and Settings\All Users\Documents\Wnidows_Blinds_THEMES\Wnidows Blinds_THEMES\Keygen.exe Infected: Trojan-Dropper.Win32.VB.igz 1
C:\Program Files\Diablo II\MISC\D2PA.exe Infected: Backdoor.Win32.Agent.kec 1
The selected area was scanned.

RSIT:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Menzo at 2009-01-19 17:11:02
Microsoft Windows XP Professional Service Pack 3
System drive C: has 182 GB (61%) free of 300 GB
Total RAM: 3069 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:11:25 PM, on 1/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Guild Wars\Gw.exe
C:\Documents and Settings\Menzo\My Documents\Anti_Virus\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Menzo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 66.232.112.194 l2authd.lineage2.com
O1 - Hosts: 66.232.112.194 l2testauthd.lineage2.com
O1 - Hosts: 66.232.112.194 l2patcher.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 8902 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B9F5787-88A5-4945-90E7-C4B18563BC5E}]
KeyScramblerBHO Class - C:\Program Files\KeyScrambler\KeyScramblerIE.dll [2009-01-12 804840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL [2008-10-12 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-19 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-19 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-19 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-08-02 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-08-02 13570048]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-19 136600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-01-14 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-06-06 50528]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2008-04-11 110592]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"CursorXP"=C:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2008-12-13 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
Menzobarb
Active Member
 
Posts: 5
Joined: January 10th, 2009, 4:30 pm
Top

Re: Possible Keylogger?

Unread postby jmw3 » January 19th, 2009, 11:50 pm

Hi
The RSIT log is cut off. Should be bigger than that. last line should be -----------------EOF-----------------
Could you post it again please. Copy the contents over a couple of posts if it's too big. the log.txt can be found in C:\rsit

There are signs of a backdoor trojan in the Kaspersky log.

The VirScan and VirusTotal's could not find the directory you listed.
OK. It's probably not there but we'll try this first to make sure.

View Hidden Files & Folders Windows XP
To view Hidden Files & Folders do the following:
Click Start
Open My Computer
Select the Tools menu and click Folder Options
Select the View Tab
Under the Hidden files and folders heading select Show hidden files and folders
Uncheck the Hide protected operating system files (recommended) option
Click Yes to confirm
Click OK

Upload Files for Scanning
Go to VirSCAN or VirusTotal
(Just use one or the other. No need to use both.)

If you use VirSCAN click Browse
In the File Upload box that opens navigate to C:\WINDOWS\system32\drivers\a1ihlru1.sys, & double click on a1ihlru1.sys
Then click Upload
Wait for scans to finish then copy & paste the results into your next reply
Following the instructions above do the same for:
C:\Program Files\Diablo II\MISC\D2PA.exe

If you use VirusTotal click Browse
In the Choose File box that opens navigate to C:\WINDOWS\system32\drivers\a1ihlru1.sys, & double click on a1ihlru1.sys
Then click Send File
Wait for scans to finish then copy & paste the results into your next reply
Following the instructions above do the same for:
C:\Program Files\Diablo II\MISC\D2PA.exe

Gmer
Download gmer.zip from Gmer here & save it to your desktop.
  • Right click on gmer.zip and select Extract All...
  • Click Next on seeing the Welcome to the Compressed (zipped) Folders Extraction Wizard
  • Click on the Browse button. Click on Desktop. Then click OK
  • Click Next. It will start extracting
  • Once done, check (tick) the Show extracted files box and click Finish
  • Double click on gmer.exe to run it
  • Select the Rootkit tab
  • On the right hand side, check all the items to be scanned, but leave Show All box unchecked
  • Select all drives that are connected to your system to be scanned
  • Click on the Scan button
  • When the scan is finished, click Copy to save the scan log to the Windows clipboard
  • Open Notepad or a similar text editor
  • Paste the clipboard contents into the text editor
  • Save the Gmer scan log and post it in your next reply
  • Close Gmer
Note: Do not run any programs while Gmer is running.

To post in next reply:
Full RSIT log
Results of VirSCAN or VirusTotal
Gmer log
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: Possible Keylogger?

Unread postby Menzobarb » January 20th, 2009, 5:00 pm

Ok

RSIT Log:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Menzo at 2009-01-19 17:11:02
Microsoft Windows XP Professional Service Pack 3
System drive C: has 182 GB (61%) free of 300 GB
Total RAM: 3069 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:11:25 PM, on 1/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Guild Wars\Gw.exe
C:\Documents and Settings\Menzo\My Documents\Anti_Virus\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Menzo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=1080515
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 66.232.112.194 l2authd.lineage2.com
O1 - Hosts: 66.232.112.194 l2testauthd.lineage2.com
O1 - Hosts: 66.232.112.194 l2patcher.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 8902 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B9F5787-88A5-4945-90E7-C4B18563BC5E}]
KeyScramblerBHO Class - C:\Program Files\KeyScrambler\KeyScramblerIE.dll [2009-01-12 804840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL [2008-10-12 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-19 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-19 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-19 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-08-02 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-08-02 13570048]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-19 136600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-01-14 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-06-06 50528]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2008-04-11 110592]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"CursorXP"=C:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2008-12-13 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX"
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\World of Warcraft\WoW-2.3.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.3.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\WINDOWS\ehome\ehshell.exe"="C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX"
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe


======List of files/folders created in the last 1 months======

2009-01-19 09:48:12 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-19 09:48:12 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-19 09:48:12 ----A---- C:\WINDOWS\system32\java.exe
2009-01-19 09:48:12 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-18 13:51:12 ----D---- C:\rsit
2009-01-14 09:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-12 02:27:43 ----D---- C:\Program Files\KeyScrambler
2009-01-10 11:42:12 ----D---- C:\Program Files\Trend Micro
2008-12-30 21:45:37 ----A---- C:\Documents and Settings\Menzo\Application Data\inst.exe
2008-12-30 21:45:36 ----D---- C:\Documents and Settings\Menzo\Application Data\Vso
2008-12-30 21:45:22 ----D---- C:\Program Files\DVDFab 5
2008-12-28 13:06:02 ----A---- C:\WINDOWS\DIIUnin.exe
2008-12-27 20:57:59 ----D---- C:\Movies
2008-12-26 19:36:01 ----D---- C:\Program Files\Hades' Game Loader

======List of files/folders modified in the last 1 months======

2009-01-19 17:11:06 ----D---- C:\WINDOWS\Prefetch
2009-01-19 16:53:40 ----D---- C:\WINDOWS\Temp
2009-01-19 14:51:41 ----D---- C:\MDT
2009-01-19 11:00:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-19 11:00:20 ----D---- C:\WINDOWS\system32\drivers
2009-01-19 09:57:50 ----D---- C:\WINDOWS\system32
2009-01-19 09:57:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-19 09:56:03 ----D---- C:\Program Files\Mozilla Firefox
2009-01-19 09:53:55 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-19 09:53:50 ----D---- C:\WINDOWS\Registration
2009-01-19 09:53:38 ----D---- C:\WINDOWS
2009-01-19 09:52:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-19 09:48:15 ----SHD---- C:\WINDOWS\Installer
2009-01-19 09:47:50 ----D---- C:\Program Files\Java
2009-01-19 09:32:59 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-01-19 09:32:50 ----D---- C:\Program Files\Dell
2009-01-14 09:01:50 ----HD---- C:\WINDOWS\inf
2009-01-14 09:01:45 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-01-14 09:01:40 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-13 15:22:21 ----D---- C:\Program Files\World of Warcraft
2009-01-12 02:27:43 ----RD---- C:\Program Files
2009-01-10 12:46:40 ----D---- C:\Documents and Settings\Menzo\Application Data\LimeWire
2009-01-10 10:48:04 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-09 17:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-01 04:18:53 ----D---- C:\Program Files\Diablo II
2008-12-30 23:58:02 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-12-28 14:38:22 ----D---- C:\WINDOWS\Minidump
2008-12-27 20:58:43 ----D---- C:\NVIDIA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NAV\1002000.007\BHDrvx86.sys [2008-12-05 255536]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NAV\1002000.007\ccHPx86.sys [2008-10-12 362544]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090115.001\IDSxpx86.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\System32\Drivers\NAV\1002000.007\SRTSPX.SYS [2008-12-05 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMTDI.SYS [2008-12-05 198192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\WINDOWS\nvflash.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-04-24 160256]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-11-08 502272]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-11-08 439680]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-11-08 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2005-11-08 143360]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2005-11-08 77824]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-02-14 1096192]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KeyScrambler;KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [2008-06-24 113896]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-07-17 34960]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-07-17 36240]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090119.033\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090119.033\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-02 6121856]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2005-11-08 114688]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-30 47360]
R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-02-14 469696]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SRTSP.SYS [2008-12-05 306736]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMDNS.SYS [2008-12-05 12976]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMFW.SYS [2008-12-05 89904]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMIDS.SYS [2008-12-05 34608]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-05 36272]
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMNDIS.SYS [2008-12-05 37424]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMREDRV.SYS [2008-12-05 24624]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 a28jjqj9;a28jjqj9; C:\WINDOWS\system32\drivers\a28jjqj9.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\WINDOWS\system32\COMMONFX.DLL [2005-11-08 87040]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\WINDOWS\system32\CT20XUT.DLL [2005-11-08 158208]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\WINDOWS\system32\CTAUDFX.DLL [2005-11-08 536576]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-07-12 340704]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\WINDOWS\system32\CTEAPSFX.DLL [2005-11-08 157696]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\WINDOWS\system32\CTEDSPFX.DLL []
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\WINDOWS\system32\CTEDSPIO.DLL []
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\WINDOWS\system32\CTEDSPSY.DLL []
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\WINDOWS\system32\CTERFXFX.DLL []
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\WINDOWS\system32\CTEXFIFX.DLL [2005-11-08 1160192]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\WINDOWS\system32\CTHWIUT.DLL [2005-11-08 61952]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\WINDOWS\system32\CTSBLFX.DLL [2005-11-08 548352]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pmxmouse;PMXMOUSE; C:\WINDOWS\system32\DRIVERS\pmxmouse.sys [2007-06-01 18432]
S3 pmxusblf;PMXUSBLF; C:\WINDOWS\system32\DRIVERS\pmxusblf.sys [2007-05-24 14336]
S3 QWAVEDRV;QWAVE driver; C:\WINDOWS\system32\DRIVERS\qwavedrv.sys [2005-10-20 14336]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-05 36272]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-17 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-03-07 417792]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-19 152984]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-10-20 96256]
R2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe [2008-12-05 115560]
R2 nTuneService;Performance Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2008-04-11 155648]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-08-02 163908]
R2 RMSvc;Media Center Extender Resource Monitor; C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 28160]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2008-03-13 114688]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-09-25 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 QWAVE;QWAVE service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe []
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------


VirusTotal couldn't find A1ihlru1.sys again, but here are the results for D2PA.exe

File D2PA.exe received on 05.02.2008 16:45:20 (CET)
Current status: finished
Result: 7/32 (21.88%)
Compact Compact
Print results Print results
Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - Win32:Agent-NJP
AVG - - -
BitDefender - - -
CAT-QuickHeal - - AdWare.Maxifiles.ac (Not a Virus)
ClamAV - - -
DrWeb - - -
eSafe - - suspicious Trojan/Worm
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - Backdoor.Win32.Agent.TJ
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - Trj/Downloader.MDW
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - Backdoor.Win32.Agent.TJ
Symantec - - -
TheHacker - - -
VBA32 - - Trojan-PSW.Win32.Agent.et
VirusBuster - - -
Webwasher-Gateway - - -
Additional information
MD5: c913ff03e05caaee929d3c56a0b2972f
SHA1: adb7577b2b75e467a7fe1b9e3011116affc17468
SHA256: 20e160cc439c0b5fb2a9ac3309ad5cc747d1690af6f1cc6e0bb18eb8f1c55d1a
SHA512: 22fce48e2190ff757a2faf2efd6c8eb97646d16ca5b1fc0d127a91cafb95720be8799e6944a16f857f4aee347845dc13334a2f5419a8fc4f971f9da3971b79ba

Gmer Log:

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-01-20 12:56:28
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT 88C0B050 ZwAlertResumeThread
SSDT 893A4050 ZwAlertThread
SSDT 88ABD1D0 ZwAllocateVirtualMemory
SSDT 893A1050 ZwAssignProcessToJobObject
SSDT 89C4C410 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xB2BF5020]
SSDT 88ADA990 ZwCreateMutant
SSDT 88AD9EB0 ZwCreateSymbolicLinkObject
SSDT 88AC31F0 ZwCreateThread
SSDT 88B90050 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xB2BF52A0]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xB2BF5800]
SSDT 88ACA450 ZwDuplicateObject
SSDT sppj.sys ZwEnumerateKey [0xB9EC6CA2]
SSDT sppj.sys ZwEnumerateValueKey [0xB9EC7030]
SSDT 88ABAEB0 ZwFreeVirtualMemory
SSDT 893A3050 ZwImpersonateAnonymousToken
SSDT 88B92050 ZwImpersonateThread
SSDT 8940A7C0 ZwLoadDriver
SSDT 88AC6190 ZwMapViewOfSection
SSDT 88C0A050 ZwOpenEvent
SSDT sppj.sys ZwOpenKey [0xB9EA80C0]
SSDT 88AD1608 ZwOpenProcess
SSDT 892D25B0 ZwOpenProcessToken
SSDT 893A2050 ZwOpenSection
SSDT 88ACCC68 ZwOpenThread
SSDT 88AD9F80 ZwProtectVirtualMemory
SSDT sppj.sys ZwQueryKey [0xB9EC7108]
SSDT sppj.sys ZwQueryValueKey [0xB9EC6F88]
SSDT 8AB3A2E0 ZwResumeThread
SSDT 893A5050 ZwSetContextThread
SSDT 8A042FC0 ZwSetInformationProcess
SSDT 88C09050 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xB2BF5A50]
SSDT 88B91050 ZwSuspendProcess
SSDT 88B93050 ZwSuspendThread
SSDT 8A0478D8 ZwTerminateProcess
SSDT 88C0C050 ZwTerminateThread
SSDT 893DF480 ZwUnmapViewOfSection
SSDT 88ABAF80 ZwWriteVirtualMemory

INT 0x63 ? 8B04CBF8
INT 0x73 ? 8B04CBF8
INT 0x83 ? 8B04CBF8
INT 0x84 ? 8AE2ABF8

---- Kernel code sections - GMER 1.0.14 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2DAD 80504649 7 Bytes [ 16, AD, 88, B0, 25, 2D, 89 ]
? sppj.sys The system cannot find the file specified. !
? SYMEFA.SYS The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B95C98AC 5 Bytes JMP 8AE2A1D8
.text a28jjqj9.SYS B943C384 1 Byte [ 20 ]
.text a28jjqj9.SYS B943C386 35 Bytes [ 00, 68, 00, 00, 00, 00, 00, ... ]
.text a28jjqj9.SYS B943C3AA 24 Bytes [ 00, 00, 20, 00, 00, E0, 00, ... ]
.text a28jjqj9.SYS B943C3C4 3 Bytes [ 00, 00, 00 ]
.text a28jjqj9.SYS B943C3C9 1 Byte [ 00 ]
.text ...

---- User code sections - GMER 1.0.14 ----

.text C:\Program Files\RocketDock\RocketDock.exe[672] USER32.dll!GetCursor 7E42A91B 5 Bytes JMP 01901080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\RocketDock\RocketDock.exe[672] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 01901120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\RocketDock\RocketDock.exe[672] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 01901030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\Explorer.EXE[736] USER32.dll!GetCursor 7E42A91B 5 Bytes JMP 01111080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\Explorer.EXE[736] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 01111120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\Explorer.EXE[736] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 01111030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] USER32.DLL!GetCursor 7E42A91B 5 Bytes JMP 011B1080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] USER32.DLL!DrawIconEx 7E42CB84 5 Bytes JMP 011B1120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] USER32.DLL!GetIconInfo 7E42D427 5 Bytes JMP 011B1030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\MsnMsgr.Exe (Messenger/Microsoft Corporation)
.text C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] USER32.dll!GetCursor 7E42A91B 5 Bytes JMP 05441080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 05441120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 05441030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\AIM6\aim6.exe[3528] USER32.dll!GetCursor 7E42A91B 5 Bytes JMP 03781080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\AIM6\aim6.exe[3528] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 03781120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\AIM6\aim6.exe[3528] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 03781030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] USER32.dll!GetCursor 7E42A91B 5 Bytes JMP 07111080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 07111120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 07111030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EA9040] sppj.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EA913C] sppj.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EA90BE] sppj.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EA97FC] sppj.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EA96D2] sppj.sys
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!KfAcquireSpinLock] 000000AD
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!READ_PORT_UCHAR] 000000D4
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!KeGetCurrentIrql] 000000A2
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!KfRaiseIrql] 000000AF
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!KfLowerIrql] 0000009C
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!HalGetInterruptVector] 000000A4
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!HalTranslateBusAddress] 00000072
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!KeStallExecutionProcessor] 000000C0
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!KfReleaseSpinLock] 000000B7
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 000000FD
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!READ_PORT_USHORT] 00000093
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00000026
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[HAL.dll!WRITE_PORT_UCHAR] 00000036
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[WMILIB.SYS!WmiSystemControl] 000000F7
IAT \SystemRoot\System32\Drivers\a28jjqj9.SYS[WMILIB.SYS!WmiCompleteRequest] 000000CC

---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[284] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\RocketDock\RocketDock.exe[672] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!SetWindowPlacement] [66603F0E] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!LoadImageW] [660390D5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!SendMessageW] [66039AC1] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\Explorer.EXE [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SendMessageW] [66039AC1] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!LoadImageW] [660390D5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SizeofResource] [66036E30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FindResourceW] [66039000] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadResource] [66036EF5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [66036937] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!LoadStringW] [66036EFA] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!LoadImageW] [660390D5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SendMessageW] [66039AC1] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\Explorer.EXE[736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\eHome\ehSched.exe[832] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [666040F4] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Documents and Settings\Menzo\Desktop\gmer.exe[1004] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe[1364] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1732] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\svchost.exe[1732] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\CursorXP\CursorXP.exe[1864] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[2712] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!LoadImageW] [660390D5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!LoadImageW] [660390D5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [666040F4] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\WINDOWS\system32\RUNDLL32.EXE[3192] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3280] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\WININET.DLL [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\WININET.DLL [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\WININET.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\WININET.DLL [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Dell Support Center\bin\sprtcmd.exe[3404] @ C:\WINDOWS\system32\Iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3416] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetWindowPlacement] [66603F30] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!MoveWindow] [66603F52] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DeferWindowPos] [66603E28] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [66604121] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [666040F4] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] [015CE807] c:\program files\aim6\services\imApp\ver6_8_7_7\imAppService.dll (imAppService EE Application Service/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\Iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [66603F82] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetWindowRect] [66603FB5] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aim6.exe[3528] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SendMessageW] [66039AC1] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SendMessageW] [66039AC1] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3584] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [66039A2C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [66039A75] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowLongA] [66603E7C] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [660399AF] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [66039952] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [66039958] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
IAT C:\Program Files\AIM6\aolsoftware.exe[4020] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowLongW] [66603EA3] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll (WindowBlinds Helper DLL/Stardock.Net, Inc)

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 8B04B1F8

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\sptd \Device\3210684462 sppj.sys
Device \Driver\usbohci \Device\USBPDO-0 8AE271F8
Device \Driver\usbehci \Device\USBPDO-1 8AE30500
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8B04D1F8
Device \Driver\dmio \Device\DmControl\DmConfig 8B04D1F8
Device \Driver\dmio \Device\DmControl\DmPnP 8B04D1F8
Device \Driver\dmio \Device\DmControl\DmInfo 8B04D1F8

AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\PCI_PNP1962 \Device\00000063 sppj.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 8B0C31F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8B0C31F8
Device \Driver\Cdrom \Device\CdRom0 8AE2E1F8
Device \Driver\Cdrom \Device\CdRom1 8AE2E1F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 8B0C31F8
Device \Driver\Cdrom \Device\CdRom2 8AE2E1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 893F01F8
Device \Driver\NetBT \Device\NetbiosSmb 893F01F8

AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\usbohci \Device\USBFDO-0 8AE271F8
Device \Driver\usbehci \Device\USBFDO-1 8AE30500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 88B981F8
Device 88B981F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{BEA586A1-723E-4BE8-9D36-F10FFEA14D82} 893F01F8
Device \Driver\Ftdisk \Device\FtControl 8B0C31F8
Device \Driver\a28jjqj9 \Device\Scsi\a28jjqj91Port6Path0Target0Lun0 8AE051F8
Device \Driver\a28jjqj9 \Device\Scsi\a28jjqj91 8AE051F8
Device rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)
Device 86269280
Device 8E98C297

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device 88A391F8
Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)

---- Threads - GMER 1.0.14 ----

Thread 4:5844 B14931F0

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF4 0xD1 0x1C 0xF6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x55 0x4A 0xC3 0x7B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xA4 0x5B 0x33 0x60 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF4 0xD1 0x1C 0xF6 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x55 0x4A 0xC3 0x7B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xA4 0x5B 0x33 0x60 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF4 0xD1 0x1C 0xF6 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x55 0x4A 0xC3 0x7B ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x4C 0x8A 0x3B 0xCA ...

---- EOF - GMER 1.0.14 ----
Menzobarb
Active Member
 
Posts: 5
Joined: January 10th, 2009, 4:30 pm
Top

Re: Possible Keylogger?

Unread postby jmw3 » January 21st, 2009, 3:43 am

Backdoor Warning
Before going further I must warn that there are signs your computer has been compromised by a Backdoor Trojan. A backdoor gives intruders complete control of your computer, logs your keystrokes, steal personal information, etc.

You are strongly advised to do the following:
  • Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  • Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.
  • Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
  • From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).
Do NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.

Due to its backdoor functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be to do a reformat and reinstallation of the operating system (OS). We can attempt to clean this machine but I cannot guarantee that it will be 100% secure afterwards.

To help you understand more, please take some time to read the following articles:
What are Remote Access Trojans and why are they dangerous
How do I respond to a possible identity theft and how do I prevent it
When should I re-format and reinstall my OS
Where to backup your files
How to backup your files in Windows XP
Restoring your backups

Let me know what you decide.

Illegal Software Detected
While going through your log it has come to my attention that your version of WindowBlinds is cracked and that it appears you are actively using it.
This forum's policy says we will not help people who use cracked or pirated software.

More information:
Illegal Copies of Software

If you still want me to help you I suggest you purchase a legal copy of the software or remove the cracked software from your computer.
NOTE: If you give me advice that the software has been removed & I find it has not (the tools we use can & will detect it) then I will have no choice but to have this thread closed.
Please decide what you are gonig to do & let me know.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: Possible Keylogger?

Unread postby Menzobarb » January 21st, 2009, 7:35 am

Thank you jmw3 for all your help in this matter. D2PA.exe has been known to show a false positive due to the nature of the program. I will most likely be formatting my computer and need no further help. Again, thank you for your time and help.
Menzobarb
Active Member
 
Posts: 5
Joined: January 10th, 2009, 4:30 pm
Top

Re: Possible Keylogger?

Unread postby jmw3 » January 21st, 2009, 9:33 am

OK, No worries. I'll have this closed.

By the way it was the keygen.exe from here: C:\Documents and Settings\All Users\Documents\Wnidows_Blinds_THEMES\Wnidows Blinds_THEMES\Keygen.exe - that I was concerned about & the reason I gave you that warning. Probably wise not to use that again if you do reformat. That's the price you pay for downloading cracks & keygens I suppose.

Anyway good luck with it.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: Possible Keylogger?

Unread postby Gary R » January 21st, 2009, 10:55 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Top
Advertisement
Register to Remove
Topic locked

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 131 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index