Inactive System hangs up if connected to Internet

Discussion in 'Malware and Virus Removal Archive' started by Bearclaw, 2012/05/07.

  1. 2012/05/07
    Bearclaw

    Bearclaw Well-Known Member Thread Starter

    Joined:
    2010/12/09
    Messages:
    151
    Likes Received:
    0
    [Inactive] System hangs up if connected to Internet

    My computer hangs up if I try to boot up while connected to the Internet. When I unplug the Internet connection, it boots fine.

    This first happened when I uninstalled and re-installed Firefox. This was because Firefox was running exceptionally slow and taking undue time in starting up.

    I suspect that somewhere along the line a virus or other malware has gotten into the system and is creating problems.

    Required scans will follow.

    Thanks for the help.

    jim
     
  2. 2012/05/07
    Bearclaw

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.05.07.03

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Owner :: OWNER-PC [administrator]

    5/7/2012 12:54:04 PM
    mbam-log-2012-05-07 (12-54-04).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 188098
    Time elapsed: 4 minute(s), 50 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     

  4. 2012/05/07
    Bearclaw

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
    Run by Owner at 13:42:13 on 2012-05-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3327.1929 [GMT -4:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\lxctcoms.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Lexmark 5400 Series\lxctmon.exe
    C:\Program Files\Lexmark 5400 Series\ezprint.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Freecorder\FLVSrvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    C:\Program Files\Hide My IP 2008\SecureSrv.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
    C:\Windows\notepad.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.foxnews.com/
    mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
    BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {167D9323-F7CC-48F5-948A-6F012831A69F} - No File
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [cdloader] "c:\users\owner\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [Google Update] "c:\users\owner\appdata\local\google\update\GoogleUpdate.exe" /c
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe "
    mRun: [lxctmon.exe] "c:\program files\lexmark 5400 series\lxctmon.exe "
    mRun: [Lexmark 5400 Series Fax Server] "c:\program files\lexmark 5400 series\fm3032.exe" /s
    mRun: [EzPrint] "c:\program files\lexmark 5400 series\ezprint.exe "
    mRun: [LXCTCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCTtime.dll,_RunDLLEntry@16
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    LSP: c:\windows\system32\securenet.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{9F796EC1-5415-4D43-BA34-706D1D3AA718} : DhcpNameServer = 209.18.47.61 209.18.47.62
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-12 612184]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-9-12 337880]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-7-18 116608]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-4-20 176128]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-9-12 20696]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-9-12 57688]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-14 44768]
    R2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-26 136176]
    R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-4-20 7772160]
    R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-4-20 243712]
    R3 SecureSrv;SecureSrv;c:\program files\hide my ip 2008\SecureSrv.exe [2012-5-5 110880]
    S2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-8-23 66616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 257696]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-26 136176]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-8-27 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-8-25 1343400]
    .
    =============== Created Last 30 ================
    .
    .
    ==================== Find3M ====================
    .
    2012-05-05 18:04:07 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-05 18:04:07 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-03-10 19:08:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-03-06 23:15:19 41184 ----a-w- c:\windows\avastSS.scr
    2012-03-06 23:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-03-06 23:02:14 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
    2012-03-06 23:01:48 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2012-03-06 05:59:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-03-06 05:59:41 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-03-01 05:46:57 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-03-01 05:37:41 172544 ----a-w- c:\windows\system32\wintrust.dll
    2012-03-01 05:33:23 159232 ----a-w- c:\windows\system32\imagehlp.dll
    2012-03-01 05:29:16 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
    2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
    2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-02-23 14:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-02-17 05:34:22 826880 ----a-w- c:\windows\system32\rdpcore.dll
    2012-02-17 04:14:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-02-17 04:13:22 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-02-10 05:38:43 1077248 ----a-w- c:\windows\system32\DWrite.dll
    .
    ============= FINISH: 13:42:56.56 ===============
     
  5. 2012/05/07
    Bearclaw

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-05-07 13:26:34
    Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500JD-75HBB0 rev.08.02D08
    Running: csmo6zv4.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kgloapow.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x90C52DF8]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x91702A5A]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0x90C5385E]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x90C582E4]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x90C58330]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x90C58422]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x90C58252]
    SSDT 914E8C5E ZwCreateSection
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x90C5829A]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x90C583DC]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x90C52E44]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x91702B34]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0x90C52AD6]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x90C52E90]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x90C55D1C]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x90C53B02]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x90C5830E]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x90C58352]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x90C58446]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x90C58278]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x90C583AE]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x90C582C2]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x90C58400]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x91702CA0]
     
  6. 2012/05/07
    Bearclaw

    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x90C539CE]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x90C52EDC]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x90C52F28]
    SSDT 914E8C63 ZwSetContextThread
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x90C52B46]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x90C52CEA]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x90C52C92]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x90C52D5A]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwTerminateProcess [0x91702D60]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x90C52F74]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwWriteVirtualMemory [0x91702BE0]

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x91718D92]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKey + 13C1 82C85359 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CBED52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82CC5DA0 4 Bytes [F8, 2D, C5, 90]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82CC5DC8 4 Bytes [5A, 2A, 70, 91] {POP EDX; SUB DH, [EAX-0x6f]}
    .text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82CC5E28 4 Bytes [5E, 38, C5, 90] {POP ESI; CMP CH, AL; NOP }
    .text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82CC5E7C 4 Bytes [E4, 82, C5, 90]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 11AC 82CC5E81 3 Bytes [83, C5, 90] {ADD EBP, -0x70}
    .text ...
    PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82E52C64 5 Bytes JMP 91715C8C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ObInsertObject + 27 82E6B290 5 Bytes JMP 91717764 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82E803D7 4 Bytes CALL 90C541B5 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82E9A1E0 4 Bytes CALL 90C541CB \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    PAGE ntkrnlpa.exe!ZwCreateProcessEx 82F240F6 7 Bytes JMP 91718D96 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x91E0E000, 0x38CD55, 0xE8000020]
    .text kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Windows\system32\Dwm.exe[364] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\Dwm.exe[364] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\Dwm.exe[364] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\Dwm.exe[364] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 000F0A08
    .text C:\Windows\system32\Dwm.exe[364] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 000F03FC
    .text C:\Windows\system32\Dwm.exe[364] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 000F0804
    .text C:\Windows\system32\Dwm.exe[364] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 000F01F8
    .text C:\Windows\system32\Dwm.exe[364] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 000F0600
    .text C:\Windows\system32\csrss.exe[420] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\lxctcoms.exe[424] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Windows\system32\lxctcoms.exe[424] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Windows\system32\lxctcoms.exe[424] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\lxctcoms.exe[424] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00170A08
    .text C:\Windows\system32\lxctcoms.exe[424] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001703FC
    .text C:\Windows\system32\lxctcoms.exe[424] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00170804
    .text C:\Windows\system32\lxctcoms.exe[424] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001701F8
    .text C:\Windows\system32\lxctcoms.exe[424] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00170600
    .text C:\Windows\Explorer.EXE[496] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\wininit.exe[504] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000303FC
    .text C:\Windows\system32\wininit.exe[504] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000301F8
    .text C:\Windows\system32\wininit.exe[504] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\wininit.exe[504] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 000C0A08
    .text C:\Windows\system32\wininit.exe[504] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 000C03FC
    .text C:\Windows\system32\wininit.exe[504] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 000C0804
    .text C:\Windows\system32\wininit.exe[504] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 000C01F8
    .text C:\Windows\system32\wininit.exe[504] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 000C0600
    .text C:\Windows\system32\csrss.exe[516] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\services.exe[552] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\services.exe[552] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\services.exe[552] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\lsass.exe[568] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000A03FC
    .text C:\Windows\system32\lsass.exe[568] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000A01F8
    .text C:\Windows\system32\lsass.exe[568] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\lsass.exe[568] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00030A08
    .text C:\Windows\system32\lsass.exe[568] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 000303FC
    .text C:\Windows\system32\lsass.exe[568] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00030804
    .text C:\Windows\system32\lsass.exe[568] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 000301F8
    .text C:\Windows\system32\lsass.exe[568] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00030600
    .text C:\Windows\system32\lsm.exe[576] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\lsm.exe[576] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\lsm.exe[576] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\winlogon.exe[692] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000303FC
    .text C:\Windows\system32\winlogon.exe[692] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000301F8
    .text C:\Windows\system32\winlogon.exe[692] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\winlogon.exe[692] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001D0A08
    .text C:\Windows\system32\winlogon.exe[692] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001D03FC
    .text C:\Windows\system32\winlogon.exe[692] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001D0804
    .text C:\Windows\system32\winlogon.exe[692] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001D01F8
    .text C:\Windows\system32\winlogon.exe[692] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001D0600
    .text C:\Windows\system32\svchost.exe[732] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\svchost.exe[732] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\svchost.exe[732] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\taskhost.exe[748] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000503FC
    .text C:\Windows\system32\taskhost.exe[748] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000501F8
    .text C:\Windows\system32\taskhost.exe[748] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\taskhost.exe[748] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 000E0A08
    .text C:\Windows\system32\taskhost.exe[748] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 000E03FC
    .text C:\Windows\system32\taskhost.exe[748] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 000E0804
    .text C:\Windows\system32\taskhost.exe[748] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 000E01F8
    .text C:\Windows\system32\taskhost.exe[748] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 000E0600
    .text C:\Windows\system32\svchost.exe[876] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\svchost.exe[876] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\svchost.exe[876] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\svchost.exe[876] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00300A08
    .text C:\Windows\system32\svchost.exe[876] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 003003FC
    .text C:\Windows\system32\svchost.exe[876] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00300804
    .text C:\Windows\system32\svchost.exe[876] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 003001F8
    .text C:\Windows\system32\svchost.exe[876] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00300600
    .text C:\Windows\system32\atiesrxx.exe[924] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001603FC
    .text C:\Windows\system32\atiesrxx.exe[924] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001601F8
    .text C:\Windows\system32\atiesrxx.exe[924] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\atiesrxx.exe[924] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001F0A08
    .text C:\Windows\system32\atiesrxx.exe[924] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001F03FC
    .text C:\Windows\system32\atiesrxx.exe[924] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001F0804
    .text C:\Windows\system32\atiesrxx.exe[924] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001F01F8
    .text C:\Windows\system32\atiesrxx.exe[924] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001F0600
    .text C:\Windows\System32\svchost.exe[1000] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\System32\svchost.exe[1000] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\System32\svchost.exe[1000] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\System32\svchost.exe[1000] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00180A08
    .text C:\Windows\System32\svchost.exe[1000] USER32.dll!
     
  7. 2012/05/07
    Bearclaw

    UnhookWinEvent 7679B750 5 Bytes JMP 001803FC
    .text C:\Windows\System32\svchost.exe[1000] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00180804
    .text C:\Windows\System32\svchost.exe[1000] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001801F8
    .text C:\Windows\System32\svchost.exe[1000] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00180600
    .text C:\Windows\System32\svchost.exe[1040] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\System32\svchost.exe[1040] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00460A08
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 004603FC
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00460804
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 004601F8
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00460600
    .text C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000A03FC
    .text C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000A01F8
    .text C:\Windows\system32\svchost.exe[1068] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\svchost.exe[1068] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00ED0A08
    .text C:\Windows\system32\svchost.exe[1068] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 00ED03FC
    .text C:\Windows\system32\svchost.exe[1068] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00ED0804
    .text C:\Windows\system32\svchost.exe[1068] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 00ED01F8
    .text C:\Windows\system32\svchost.exe[1068] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00ED0600
    .text C:\Windows\system32\svchost.exe[1224] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\svchost.exe[1224] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\svchost.exe[1224] kernel32.dll!GetBinaryTypeW + 70
     
  8. 2012/05/07
    Bearclaw

    761D69F4 1 Byte [62]
    .text C:\Windows\system32\svchost.exe[1224] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00180A08
    .text C:\Windows\system32\svchost.exe[1224] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001803FC
    .text C:\Windows\system32\svchost.exe[1224] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00180804
    .text C:\Windows\system32\svchost.exe[1224] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001801F8
    .text C:\Windows\system32\svchost.exe[1224] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00180600
    .text C:\Windows\system32\svchost.exe[1316] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\svchost.exe[1316] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\svchost.exe[1316] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1380] kernel32.dll!SetUnhandledExceptionFilter 761BF4FB 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
    .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1380] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\atieclxx.exe[1388] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001603FC
    .text C:\Windows\system32\atieclxx.exe[1388] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001601F8
    .text C:\Windows\system32\atieclxx.exe[1388] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\atieclxx.exe[1388] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001F0A08
    .text C:\Windows\system32\atieclxx.exe[1388] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001F03FC
    .text C:\Windows\system32\atieclxx.exe[1388] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001F0804
    .text C:\Windows\system32\atieclxx.exe[1388] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001F01F8
    .text C:\Windows\system32\atieclxx.exe[1388] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001F0600
    .text C:\Windows\System32\spoolsv.exe[1532] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\System32\spoolsv.exe[1532] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\System32\spoolsv.exe[1532] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\System32\spoolsv.exe[1532] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00140A08
    .text C:\Windows\System32\spoolsv.exe[1532] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001403FC
    .text C:\Windows\System32\spoolsv.exe[1532] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00140804
    .text C:\Windows\System32\spoolsv.exe[1532] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001401F8
    .text C:\Windows\System32\spoolsv.exe[1532] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00140600
    .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\svchost.exe[1588] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 002E0A08
    .text C:\Windows\system32\svchost.exe[1588] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002E03FC
    .text C:\Windows\system32\svchost.exe[1588] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 002E0804
    .text C:\Windows\system32\svchost.exe[1588] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002E01F8
    .text C:\Windows\system32\svchost.exe[1588] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 002E0600
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001F0A08
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001F03FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001F0804
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001F01F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe[1676] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001F0600
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00200A08
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002003FC
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00200804
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002001F8
    .text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[1744] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00200600
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000703FC
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000701F8
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00200A08
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002003FC
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00200804
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002001F8
    .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00200600
    .text C:\Windows\system32\svchost.exe[1924] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\svchost.exe[1924] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\svchost.exe[1924] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000503FC
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000501F8
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] kernel32.dll!GetTempFileNameW 761A7039 5 Bytes JMP 10002040 C:\Users\Owner\AppData\Local\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder/Applian Technologies, Inc.)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] kernel32.dll!CreateThread 761BDCC2 5 Bytes JMP 6DD072FB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!EnableWindow 76798D02 5 Bytes JMP 6DD49A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!GetAsyncKeyState 7679A256 5 Bytes JMP 6DCEDD9D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!CallNextHookEx 7679ABE1 5 Bytes JMP 6DD67BB7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 6DD8EB10 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002003FC
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!DefWindowProcA 7679BB1C 7 Bytes JMP 6DD09525 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!CreateWindowExA 7679BF40 5 Bytes JMP 6DD1335B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 6DD42194 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!CreateWindowExW 7679EC7C 5 Bytes JMP 6DD6FF8F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002001F8
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!GetKeyState 767A2B4D 5 Bytes JMP 6DCEDC73 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!IsDialogMessageW 767A4104 5 Bytes JMP 6DE96EDD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!DefWindowProcW 767A507D 7 Bytes JMP 6DD67C1A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!CreateDialogParamA 767B1F42 5 Bytes JMP 6DE96740 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!IsDialogMessage 767B2019 5 Bytes JMP 6DE96EB5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!DialogBoxParamW 767B3B9B 5 Bytes JMP 6DCA170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!CreateDialogIndirectParamA 767B721D 5 Bytes JMP 6DE967B0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!CreateDialogIndirectParamW 767BEA10 5 Bytes JMP 6DE967E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!DialogBoxIndirectParamW 767C3B7F 5 Bytes JMP 6DE9640E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!EndDialog 767C3BA3 5 Bytes JMP 6DE97189 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!CreateDialogParamW 767C5630 5 Bytes JMP 6DE96778 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!SetKeyboardState 767C695A 5 Bytes JMP 6DE977A5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00200600
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!SendInput 767C7019 5 Bytes JMP 6DE9774D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!SetCursorPos 767DC1B0 5 Bytes JMP 6DE97826 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!DialogBoxParamA 767DCF42 5 Bytes JMP 6DE963A9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!DialogBoxIndirectParamA 767DD274 5 Bytes JMP 6DE96473 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!MessageBoxIndirectA 767EE869 5 Bytes JMP 6DE96330 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!MessageBoxIndirectW 767EE963 5 Bytes JMP 6DE962B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!MessageBoxExA 767EE9C9 5 Bytes JMP 6DE96253 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!MessageBoxExW 767EE9ED 5 Bytes JMP 6DE961EF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] USER32.dll!keybd_event 767EEC3B 5 Bytes JMP 6DE9770A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] SHELL32.dll!RealDriveType + 173D 76CFFDD0 4 Bytes [CF, 01, 9A, 6C]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] SHELL32.dll!RealDriveType + 1745 76CFFDD8 8 Bytes [E0, 61, 99, 6C, 79, F7, 99, ...] {LOOPNZ 0x63; CDQ ; INSB ; JNS 0xfffffffffffffffd; CDQ ; INSB }
    .text C:\Program Files\Internet Explorer\iexplore.exe[2252] ole32.dll!OleLoadFromStream 778B6143 5 Bytes JMP 6DE96BE7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Windows\system32\taskeng.exe[2260] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001E0A08
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001E03FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001E0804
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001E01F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2332] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001E0600
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001E0A08
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001E03FC
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001E0804
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001E01F8
    .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[2488] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001E0600
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001603FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001601F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 002F0A08
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002F03FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 002F0804
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002F01F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2568] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 002F0600
    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001E0A08
    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001E03FC
     
  9. 2012/05/07
    Bearclaw

    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001E0804
    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001E01F8
    .text C:\Program Files\Lexmark 5400 Series\lxctmon.exe[2612] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001E0600
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 003D0A08
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 003D03FC
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 003D0804
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 003D01F8
    .text C:\Program Files\Lexmark 5400 Series\ezprint.exe[2708] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 003D0600
    .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[2724] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001603FC
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001601F8
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001F0A08
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001F03FC
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001F0804
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001F01F8
    .text C:\Program Files\Freecorder\FLVSrvc.exe[2776] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001F0600
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001703FC
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001701F8
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001A0A08
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001A03FC
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001A0804
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001A01F8
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2792] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001A0600
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00090A08
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 000903FC
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00090804
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 000901F8
    .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2800] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00090600
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00260A08
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002603FC
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00260804
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002601F8
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2804] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00260600
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001603FC
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001601F8
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 003F0A08
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 003F03FC
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 003F0804
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 003F01F8
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2828] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 003F0600
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001703FC
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001701F8
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00220A08
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002203FC
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00220804
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002201F8
    .text C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe[2864] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00220600
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000503FC
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000501F8
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] kernel32.dll!GetTempFileNameW 761A7039 5 Bytes JMP 10002040 C:\Users\Owner\AppData\Local\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder/Applian Technologies, Inc.)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] kernel32.dll!CreateFileW 761BE8A5 5 Bytes JMP 10001D10 C:\Users\Owner\AppData\Local\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder/Applian Technologies, Inc.)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!EnableWindow 76798D02 5 Bytes JMP 6DD49A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 000F0A08
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 000F03FC
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 000F0804
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 000F01F8
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!DialogBoxParamW 767B3B9B 5 Bytes JMP 6DCA170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!DialogBoxIndirectParamW 767C3B7F 5 Bytes JMP 6DE9640E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 000F0600
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!DialogBoxParamA 767DCF42 5 Bytes JMP 6DE963A9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!DialogBoxIndirectParamA 767DD274 5 Bytes JMP 6DE96473 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!MessageBoxIndirectA 767EE869 5 Bytes JMP 6DE96330 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!MessageBoxIndirectW 767EE963 5 Bytes JMP 6DE962B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!MessageBoxExA 767EE9C9 5 Bytes JMP 6DE96253 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3008] USER32.dll!MessageBoxExW 767EE9ED 5 Bytes JMP 6DE961EF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Windows\notepad.exe[3052] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\notepad.exe[3052] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\notepad.exe[3052] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\notepad.exe[3052] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00100A08
    .text C:\Windows\notepad.exe[3052] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001003FC
    .text C:\Windows\notepad.exe[3052] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00100804
    .text C:\Windows\notepad.exe[3052] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001001F8
    .text C:\Windows\notepad.exe[3052] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00100600
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00190A08
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001903FC
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00190804
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001901F8
    .text C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe[3112] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00190600
    .text C:\Windows\system32\svchost.exe[3236] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\svchost.exe[3236] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\svchost.exe[3236] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\SearchIndexer.exe[3452] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\SearchIndexer.exe[3452] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\SearchIndexer.exe[3452] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\SearchIndexer.exe[3452] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00100A08
    .text C:\Windows\system32\SearchIndexer.exe[3452] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001003FC
    .text C:\Windows\system32\SearchIndexer.exe[3452] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00100804
    .text C:\Windows\system32\SearchIndexer.exe[3452] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001001F8
    .text C:\Windows\system32\SearchIndexer.exe[3452] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00100600
    .text C:\Windows\System32\svchost.exe[3476] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\System32\svchost.exe[3476] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\System32\svchost.exe[3476] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\System32\svchost.exe[3476] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00240A08
    .text C:\Windows\System32\svchost.exe[3476] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002403FC
     
  10. 2012/05/07

    Bearclaw Well-Known Member Thread Starter

    .text C:\Windows\System32\svchost.exe[3476] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00240804
    .text C:\Windows\System32\svchost.exe[3476] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002401F8
    .text C:\Windows\System32\svchost.exe[3476] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00240600
    .text C:\Windows\system32\AUDIODG.EXE[3524] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001E0A08
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001E03FC
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001E0804
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001E01F8
    .text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe[3808] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001E0600
    .text C:\Windows\system32\WUDFHost.exe[3992] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000603FC
    .text C:\Windows\system32\WUDFHost.exe[3992] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000601F8
    .text C:\Windows\system32\WUDFHost.exe[3992] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\WUDFHost.exe[3992] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 000D0A08
    .text C:\Windows\system32\WUDFHost.exe[3992] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 000D03FC
    .text C:\Windows\system32\WUDFHost.exe[3992] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 000D0804
    .text C:\Windows\system32\WUDFHost.exe[3992] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 000D01F8
    .text C:\Windows\system32\WUDFHost.exe[3992] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 000D0600
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 001503FC
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 001501F8
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 001F0A08
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 001F03FC
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 001F0804
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 001F01F8
    .text C:\Program Files\Hide My IP 2008\SecureSrv.exe[4072] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 001F0600
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] ntdll.dll!LdrUnloadDll 77A6C86E 5 Bytes JMP 000703FC
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] ntdll.dll!LdrLoadDll 77A7223E 5 Bytes JMP 000701F8
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] USER32.dll!UnhookWindowsHookEx 7679ADF9 5 Bytes JMP 00200A08
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] USER32.dll!UnhookWinEvent 7679B750 5 Bytes JMP 002003FC
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] USER32.dll!SetWindowsHookExW 7679E30C 5 Bytes JMP 00200804
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] USER32.dll!SetWinEventHook 767A24DC 5 Bytes JMP 002001F8
    .text C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe[4196] USER32.dll!SetWindowsHookExA 767C6D0C 5 Bytes JMP 00200600
    .text C:\Users\Owner\Desktop\csmo6zv4.exe[5936] kernel32.dll!GetBinaryTypeW + 70 761D69F4 1 Byte [62]

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1380] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [73D0F6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6C9947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6C9A029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6C995EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6C9A7F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6C9AF500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6C9AF94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6C9B07CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6C9AFCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6C995E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6C9AABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6C9947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6C994E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6C9963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6C9AB56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6C996D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6C9ABC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6C9AC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6C9A029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6C994E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6C995EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6C9947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6C9963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6C994E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6C9AC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6C9AE457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6C9AAA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6C9AABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6C9AB56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6C996D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6C995EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6C9AFCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6C9B07CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6C9A939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6C9963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6C9A029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6C995F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6C9A9229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6C99F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6C9947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6C995E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6C9A0ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6C9AF2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6C9AF94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6C9B072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6C9AF9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6C9B1542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6C9B1C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6C99FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6C9B1191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6C99F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6C99FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6C9B1095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6C9B1F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6C9B12D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6C9B0DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6C9A0178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6C9B1B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6C9B194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6C9B1233] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6C99F86E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6C99F472] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6C9B27C3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6C9B136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6C9B1284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6C9B0F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6C9B2769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6C99F9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6C9B2937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6C997430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6C99F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6C99E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6C995D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6C9B140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6C9B1590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6C9B1F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6C9A0123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6C9B218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6C9B1BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6C99FACB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6C9B19EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6C99FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6C9B20D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6C9B2B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6C9B2028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6C9B0F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6C994927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6C9B0D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6C99FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6C9B18A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6C9B1CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6C9B171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6C9B17B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6C994984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6C9A8C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6C9ACB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6C9AD6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6C9AD11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6C996D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6C9AC49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6C9AB56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6C9AB245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6C9AA89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6C9AE0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6C994E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6C9AABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6C9AA249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6C9A9AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6C9AE457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6C9AE089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6C9A9F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6C9ABC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6C9AA56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6C994E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6C996D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6C99F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6C9B1F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6C9B2028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6C9B2B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6C9B2B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6C9A0178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [6C9964C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6C994CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6C994927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6C994984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6C996528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6C9947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6C9947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2252] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6C9947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\AVAST Software\Avast\AvastUI.exe[2724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [73D0F6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
    Device \Driver\ACPI_HAL \Device\00000046 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
     
  11. 2012/05/07
    Bearclaw

    Bearclaw Well-Known Member Thread Starter

    Joined:
    2010/12/09
    Messages:
    151
    Likes Received:
    0
    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-05-07 13:32:14
    -----------------------------
    13:32:14.314 OS Version: Windows 6.1.7601 Service Pack 1
    13:32:14.314 Number of processors: 2 586 0xF0D
    13:32:14.314 ComputerName: OWNER-PC UserName: Owner
    13:32:15.624 Initialize success
    13:32:17.028 AVAST engine defs: 12050700
    13:32:20.850 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    13:32:20.866 Disk 0 Vendor: WDC_WD2500JD-75HBB0 08.02D08 Size: 238418MB BusType: 3
    13:32:20.975 Disk 0 MBR read successfully
    13:32:20.975 Disk 0 MBR scan
    13:32:20.975 Disk 0 Windows 7 default MBR code
    13:32:21.006 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    13:32:21.022 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238316 MB offset 206848
    13:32:21.037 Disk 0 scanning sectors +488278016
    13:32:21.318 Disk 0 scanning C:\Windows\system32\drivers
    13:32:52.206 Service scanning
    13:33:14.077 Modules scanning
    13:33:37.212 Disk 0 trace - called modules:
    13:33:37.228 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
    13:33:37.243 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8672a030]
    13:33:37.243 3 CLASSPNP.SYS[8bdab59e] -> nt!IofCallDriver -> [0x86285918]
    13:33:37.243 5 ACPI.sys[838b33d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8597d908]
    13:33:37.852 AVAST engine scan C:\Windows
    13:33:39.958 AVAST engine scan C:\Windows\system32
    13:36:06.801 AVAST engine scan C:\Windows\system32\drivers
    13:36:20.513 AVAST engine scan C:\Users\Owner
    13:38:43.893 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\BBS Scans\MBR.dat "
    13:38:43.909 The log file has been saved successfully to "C:\Users\Owner\Desktop\BBS Scans\aswMBR.txt "
     
  12. 2012/05/07
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===========================================================

    I still need Attach.txt part of DDS.

    So far I don't see much there.
    You're running two AV programs, Avira and Avast.
    You must uninstall one of them.
    Your choice.

    Then....

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them, resulting in the tool not working correctly, which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running, Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  13. 2012/05/08
    Bearclaw

    Bearclaw Well-Known Member Thread Starter

    Joined:
    2010/12/09
    Messages:
    151
    Likes Received:
    0
    The Avira was only remnants that remained after I deleted it long ago; nevertheless, I cleaned those out as well.

    DDS does not complete its run before it quits with the message 'unexpected problem caused the program to stop running'. That is what I get when I tell it to run the scan on 'C:\' drive. It runs on the 'quick scan' and produces only the report that I have previously sent... is there a method to make this scan work as it should?

    Here is the ComboFix report:

    ComboFix 12-05-08.02 - Owner 05/08/2012 14:32:02.1.2 - x86
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3327.2378 [GMT -4:00]
    Running from: c:\users\Owner\Desktop\ComboFix.exe
    AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Owner\AppData\Local\Temp\{F1DF7CA8-F0EB-4473-89C5-56CAFB82DC1B}\fpb.tmp
    c:\users\Owner\g2mdlhlpx.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-08 to 2012-05-08 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-08 18:37 . 2012-05-08 18:37 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-05-06 02:02 . 2008-08-30 04:53 151552 ----a-w- c:\windows\system32\securenet.dll
    2012-05-06 02:02 . 2012-05-06 02:02 -------- d-----w- c:\program files\Hide My IP 2008
    2012-05-04 17:03 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{866A3F2E-93CA-4200-9E0C-034DAF083EA8}\mpengine.dll
    2012-04-19 21:22 . 2012-04-19 21:22 -------- d-----w- c:\users\Owner\AppData\Local\APN
    2012-04-19 21:22 . 2012-04-19 21:22 -------- d-----w- c:\programdata\Ask
    2012-04-14 01:43 . 2012-01-19 12:23 339320 ----a-w- c:\windows\system32\HMIPCore.dll
    2012-04-12 07:01 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-04-12 07:01 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-04-12 07:01 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
    2012-04-12 07:01 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
    2012-04-12 07:00 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-04-12 07:00 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-04-11 05:53 . 2012-04-11 05:53 -------- d-----w- c:\programdata\McAfee
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-05 18:04 . 2012-04-01 04:30 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-05-05 18:04 . 2011-08-23 20:04 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-04-04 19:56 . 2011-10-30 17:06 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-03-10 19:08 . 2011-08-23 20:09 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-03-06 23:15 . 2011-09-13 01:02 41184 ----a-w- c:\windows\avastSS.scr
    2012-03-06 23:15 . 2011-09-13 01:02 201352 ----a-w- c:\windows\system32\aswBoot.exe
    2012-03-06 23:03 . 2011-09-13 01:02 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-03-06 23:03 . 2011-09-13 01:02 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2012-03-06 23:02 . 2012-03-14 19:00 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
    2012-03-06 23:01 . 2011-09-13 01:02 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-03-06 23:01 . 2011-09-13 01:02 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2012-03-06 23:01 . 2011-09-13 01:02 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2012-03-05 16:48 . 2012-03-05 16:48 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
    2012-02-23 14:18 . 2011-08-23 17:17 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-02-17 05:34 . 2012-03-14 16:15 826880 ----a-w- c:\windows\system32\rdpcore.dll
    2012-02-17 04:14 . 2012-03-14 16:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-02-17 04:13 . 2012-03-14 16:14 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-02-10 05:38 . 2012-03-14 16:15 1077248 ----a-w- c:\windows\system32\DWrite.dll
    2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTor.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} "= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
    .
    [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} "= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
    .
    [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @= "{472083B0-C522-11CF-8763-00608CC02F24} "
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
    @= "{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} "
    [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
    @= "{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} "
    [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
    @= "{A759AFF6-5851-457D-A540-F4ECED148351} "
    [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
    @= "{1574C9EF-7D58-488F-B358-8B78C1538F51} "
    [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-08-26 39408]
    "cdloader "= "c:\users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe" [2011-08-23 50592]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe ARM "= "c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "IgfxTray "= "c:\windows\system32\igfxtray.exe" [2009-09-11 141848]
    "HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2009-09-11 173592]
    "Persistence "= "c:\windows\system32\igfxpers.exe" [2009-09-11 150552]
    "ISUSPM Startup "= "c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
    "ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
    "RoxWatchTray "= "c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
    "lxctmon.exe "= "c:\program files\Lexmark 5400 Series\lxctmon.exe" [2007-03-19 291760]
    "Lexmark 5400 Series Fax Server "= "c:\program files\Lexmark 5400 Series\fm3032.exe" [2007-03-19 304048]
    "EzPrint "= "c:\program files\Lexmark 5400 Series\ezprint.exe" [2007-03-19 82864]
    "LXCTCATS "= "c:\windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-11-21 106496]
    "avast "= "c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
    "Freecorder FLV Service "= "c:\program files\Freecorder\FLVSrvc.exe" [2011-03-24 167936]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin "= 5 (0x5)
    "ConsentPromptBehaviorUser "= 3 (0x3)
    "EnableUIADesktopToggle "= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=" "
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-26 136176]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-26 136176]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-25 1343400]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-09-06 116608]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 176128]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-06 57688]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-04-20 243712]
    S3 SecureSrv;SecureSrv;c:\program files\Hide My IP 2008\SecureSrv.exe [2008-09-05 110880]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 18:04]
    .
    2012-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-08-26 20:20]
    .
    2012-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-08-26 20:20]
    .
    2012-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646591151-1669844780-1480992367-1000Core.job
    - c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-08 23:32]
    .
    2012-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646591151-1669844780-1480992367-1000UA.job
    - c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-08 23:32]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.foxnews.com/
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    LSP: c:\windows\system32\securenet.dll
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-05-08 14:38:42
    ComboFix-quarantined-files.txt 2012-05-08 18:38
    .
    Pre-Run: 12,186,857,472 bytes free
    Post-Run: 12,099,117,056 bytes free
    .
    - - End Of File - - 64F05043F1EE3C6D1BE1A334DDBC3261
     
  14. 2012/05/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    In this forum, we make sure your computer is free of malware and your computer is clean :)
    Because the access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
    You'll get more attention.
     
  15. 2012/05/08
    Bearclaw

    Bearclaw Well-Known Member Thread Starter

    Joined:
    2010/12/09
    Messages:
    151
    Likes Received:
    0
    I will try that, posting in the Windows 7 section. Thank you for your kind and most considerate attention.

    I will try to mark this as a resolved thread.
     
  16. 2012/05/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    In this forum you can't.
    I marked it already as "Inactive".
     
