1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved AVG trojan c.LYU

Discussion in 'Malware and Virus Removal Archive' started by wayne jones, 2012/07/17.

Page 1 of 2
  1. 2012/07/17
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    [Resolved] AVG trojan c.LYU

    My AVG anti-virus has alerted me to an infection in my System32 files. It has named it a "white collar" virus (Trojan horse patched c.LYU). None of my anti virus programs would touch it. Ever since I got it, my browser has been constantly re-routing my searches( some not so nice sites):confused and i get threat detect msg pop up every 3-4 minutes
     
    wayne jones,
    #1
  2. 2012/07/17
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    Hi,

    Read this post as indicated at the top of this forum & follow the instructions.
     
    Admin.,
    #2


  3. to hide this advert.

  4. 2012/07/17
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Please repost the logs in this thread - do not start a new thread for each part of the logs

    When one post is full, start another - in this thread

    Your other threads have been deleted - there is no way that our Malware analyst can read logs spread over several threads.
     
    PeteC,
    #3
  5. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    logs as requested gmer part 1

    Rootkit scan 2012-07-17 14:44:54
    Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-4 ST3500418AS rev.CC46
    Running: d0ukxcr0.exe; Driver: C:\Users\Wayne\AppData\Local\Temp\ugloqpog.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0x96E18004]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0x96E180D4]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0x96E17D76]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0x96E17E1E]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0x96E17EBA]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0x96E17F56]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntoskrnl.exe!ZwRollbackEnlistment + 1409 82C7F989 1 Byte [06]
    .text ntoskrnl.exe!KiDispatchInterrupt + 5A2 82C9F4E2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntoskrnl.exe!KeRemoveQueueEx + 161F 82CA69DC 8 Bytes [04, 80, E1, 96, D4, 80, E1, ...] {ADD AL, 0x80; LOOPZ 0xffffffffffffff9a; AAM 0x80; LOOPZ 0xffffffffffffff9e}
    .text ntoskrnl.exe!KeRemoveQueueEx + 1667 82CA6A24 4 Bytes [76, 7D, E1, 96] {JBE 0x7f; LOOPZ 0xffffffffffffff9a}
    .text ntoskrnl.exe!KeRemoveQueueEx + 1937 82CA6CF4 8 Bytes [1E, 7E, E1, 96, BA, 7E, E1, ...]
    .text ntoskrnl.exe!KeRemoveQueueEx + 19AB 82CA6D68 4 Bytes [56, 7F, E1, 96] {PUSH ESI; JG 0xffffffffffffffe4; XCHG ESI, EAX}

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Internet Explorer\iexplore.exe[700] kernel32.dll!CreateThread 7705DCC2 5 Bytes JMP 6B6675CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!EnableWindow 75BE8D02 5 Bytes JMP 6B6A9EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!GetAsyncKeyState 75BEA256 5 Bytes JMP 6B64DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!CallNextHookEx 75BEABE1 5 Bytes JMP 6B6C7FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!UnhookWindowsHookEx 75BEADF9 5 Bytes JMP 6B6EECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!DefWindowProcA 75BEBB1C 7 Bytes JMP 6B6697F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!CreateWindowExA 75BEBF40 5 Bytes JMP 6B67362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!SetWindowsHookExW 75BEE30C 5 Bytes JMP 6B6A25AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!CreateWindowExW 75BEEC7C 5 Bytes JMP 6B6D03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!GetKeyState 75BF2B4D 5 Bytes JMP 6B64DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!IsDialogMessageW 75BF4104 5 Bytes JMP 6B7F9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!DefWindowProcW 75BF507D 7 Bytes JMP 6B6C8042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!CreateDialogParamA 75C01F42 5 Bytes JMP 6B7F90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!IsDialogMessage 75C02019 5 Bytes JMP 6B7F982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!DialogBoxParamW 75C03B9B 5 Bytes JMP 6B60187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!CreateDialogIndirectParamA 75C0721D 5 Bytes JMP 6B7F9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!CreateDialogIndirectParamW 75C0EA10 5 Bytes JMP 6B7F9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!DialogBoxIndirectParamW 75C13B7F 5 Bytes JMP 6B7F8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!EndDialog 75C13BA3 5 Bytes JMP 6B7F9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!CreateDialogParamW 75C15630 5 Bytes JMP 6B7F90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!SetKeyboardState 75C1695A 5 Bytes JMP 6B7FA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!SendInput 75C17019 5 Bytes JMP 6B7FA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!SetCursorPos 75C2C1B0 5 Bytes JMP 6B7FA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!DialogBoxParamA 75C2CF42 5 Bytes JMP 6B7F8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!DialogBoxIndirectParamA 75C2D274 5 Bytes JMP 6B7F8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!MessageBoxIndirectA 75C3E869 5 Bytes JMP 6B7F8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!MessageBoxIndirectW 75C3E963 5 Bytes JMP 6B7F8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!MessageBoxExA 75C3E9C9 5 Bytes JMP 6B7F8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!MessageBoxExW 75C3E9ED 5 Bytes JMP 6B7F8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] USER32.dll!keybd_event 75C3EC3B 5 Bytes JMP 6B7FA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] SHELL32.dll!RealDriveType + 173D 75DFFE30 4 Bytes [CF, 01, 78, 6D] {IRET ; ADD [EAX+0x6d], EDI}
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] SHELL32.dll!RealDriveType + 1745 75DFFE38 8 Bytes [E0, 61, 77, 6D, 79, F7, 77, ...] {LOOPNZ 0x63; JA 0x71; JNS 0xfffffffffffffffd; JA 0x75}
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] ole32.dll!OleLoadFromStream 769B6143 5 Bytes JMP 6B7F955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] CRYPT32.dll!CryptImportPublicKeyInfoEx + 98 756539CA 7 Bytes JMP 02ABEBF0
    .text C:\Program Files\Internet Explorer\iexplore.exe[700] CRYPT32.dll!I_CryptEnumMatchingLruEntries + 1BFC 7565A6E4 7 Bytes JMP 02ABEC60
    ? C:\Windows\system32\services.exe[740] C:\Windows\system32\smss.exe image checksum mismatch; time/date stamp mismatch; unknown module: mswsock.dllunknown module: MSWSOCK.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!EnableWindow 75BE8D02 5 Bytes JMP 6B6A9EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!DialogBoxParamW 75C03B9B 5 Bytes JMP 6B60187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!DialogBoxIndirectParamW 75C13B7F 5 Bytes JMP 6B7F8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!DialogBoxParamA 75C2CF42 5 Bytes JMP 6B7F8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!DialogBoxIndirectParamA 75C2D274 5 Bytes JMP 6B7F8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!MessageBoxIndirectA 75C3E869 5 Bytes JMP 6B7F8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!MessageBoxIndirectW 75C3E963 5 Bytes JMP 6B7F8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!MessageBoxExA 75C3E9C9 5 Bytes JMP 6B7F8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] USER32.dll!MessageBoxExW 75C3E9ED 5 Bytes JMP 6B7F8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] CRYPT32.dll!CryptImportPublicKeyInfoEx + 98 756539CA 7 Bytes JMP 017AEBF0
    .text C:\Program Files\Internet Explorer\iexplore.exe[4880] CRYPT32.dll!I_CryptEnumMatchingLruEntries + 1BFC 7565A6E4 7 Bytes JMP 017AEC60
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] kernel32.dll!CreateThread 7705DCC2 5 Bytes JMP 6B6675CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!EnableWindow 75BE8D02 5 Bytes JMP 6B6A9EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!GetAsyncKeyState 75BEA256 5 Bytes JMP 6B64DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!CallNextHookEx 75BEABE1 5 Bytes JMP 6B6C7FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!UnhookWindowsHookEx 75BEADF9 5 Bytes JMP 6B6EECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!DefWindowProcA 75BEBB1C 7 Bytes JMP 6B6697F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!CreateWindowExA 75BEBF40 5 Bytes JMP 6B67362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!SetWindowsHookExW 75BEE30C 5 Bytes JMP 6B6A25AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!CreateWindowExW 75BEEC7C 5 Bytes JMP 6B6D03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!GetKeyState 75BF2B4D 5 Bytes JMP 6B64DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!IsDialogMessageW 75BF4104 5 Bytes JMP 6B7F9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!DefWindowProcW 75BF507D 7 Bytes JMP 6B6C8042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!CreateDialogParamA 75C01F42 5 Bytes JMP 6B7F90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!IsDialogMessage 75C02019 5 Bytes JMP 6B7F982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!DialogBoxParamW 75C03B9B 5 Bytes JMP 6B60187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!CreateDialogIndirectParamA 75C0721D 5 Bytes JMP 6B7F9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/
     
    wayne jones,
    #4
  6. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    log part 2

    Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!CreateDialogIndirectParamW 75C0EA10 5 Bytes JMP 6B7F9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!DialogBoxIndirectParamW 75C13B7F 5 Bytes JMP 6B7F8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!EndDialog 75C13BA3 5 Bytes JMP 6B7F9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!CreateDialogParamW 75C15630 5 Bytes JMP 6B7F90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!SetKeyboardState 75C1695A 5 Bytes JMP 6B7FA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!SendInput 75C17019 5 Bytes JMP 6B7FA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!SetCursorPos 75C2C1B0 5 Bytes JMP 6B7FA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!DialogBoxParamA 75C2CF42 5 Bytes JMP 6B7F8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!DialogBoxIndirectParamA 75C2D274 5 Bytes JMP 6B7F8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!MessageBoxIndirectA 75C3E869 5 Bytes JMP 6B7F8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!MessageBoxIndirectW 75C3E963 5 Bytes JMP 6B7F8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!MessageBoxExA 75C3E9C9 5 Bytes JMP 6B7F8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!MessageBoxExW 75C3E9ED 5 Bytes JMP 6B7F8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] USER32.dll!keybd_event 75C3EC3B 5 Bytes JMP 6B7FA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] SHELL32.dll!RealDriveType + 173D 75DFFE30 4 Bytes [CF, 01, 78, 6D] {IRET ; ADD [EAX+0x6d], EDI}
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] SHELL32.dll!RealDriveType + 1745 75DFFE38 8 Bytes [E0, 61, 77, 6D, 79, F7, 77, ...] {LOOPNZ 0x63; JA 0x71; JNS 0xfffffffffffffffd; JA 0x75}
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] ole32.dll!OleLoadFromStream 769B6143 5 Bytes JMP 6B7F955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] CRYPT32.dll!CryptImportPublicKeyInfoEx + 98 756539CA 7 Bytes JMP 02D7EBF0
    .text C:\Program Files\Internet Explorer\iexplore.exe[4888] CRYPT32.dll!I_CryptEnumMatchingLruEntries + 1BFC 7565A6E4 7 Bytes JMP 02D7EC60
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] kernel32.dll!CreateThread 7705DCC2 5 Bytes JMP 6B6675CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!EnableWindow 75BE8D02 5 Bytes JMP 6B6A9EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!GetAsyncKeyState 75BEA256 5 Bytes JMP 6B64DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!CallNextHookEx 75BEABE1 5 Bytes JMP 6B6C7FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!UnhookWindowsHookEx 75BEADF9 5 Bytes JMP 6B6EECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!DefWindowProcA 75BEBB1C 7 Bytes JMP 6B6697F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!CreateWindowExA 75BEBF40 5 Bytes JMP 6B67362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!SetWindowsHookExW 75BEE30C 5 Bytes JMP 6B6A25AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!CreateWindowExW 75BEEC7C 5 Bytes JMP 6B6D03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!GetKeyState 75BF2B4D 5 Bytes JMP 6B64DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!IsDialogMessageW 75BF4104 5 Bytes JMP 6B7F9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!DefWindowProcW 75BF507D 7 Bytes JMP 6B6C8042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!CreateDialogParamA 75C01F42 5 Bytes JMP 6B7F90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!IsDialogMessage 75C02019 5 Bytes JMP 6B7F982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!DialogBoxParamW 75C03B9B 5 Bytes JMP 6B60187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!CreateDialogIndirectParamA 75C0721D 5 Bytes JMP 6B7F9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!CreateDialogIndirectParamW 75C0EA10 5 Bytes JMP 6B7F9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!DialogBoxIndirectParamW 75C13B7F 5 Bytes JMP 6B7F8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!EndDialog 75C13BA3 5 Bytes JMP 6B7F9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!CreateDialogParamW 75C15630 5 Bytes JMP 6B7F90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!SetKeyboardState 75C1695A 5 Bytes JMP 6B7FA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!SendInput 75C17019 5 Bytes JMP 6B7FA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!SetCursorPos 75C2C1B0 5 Bytes JMP 6B7FA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!DialogBoxParamA 75C2CF42 5 Bytes JMP 6B7F8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!DialogBoxIndirectParamA 75C2D274 5 Bytes JMP 6B7F8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!MessageBoxIndirectA 75C3E869 5 Bytes JMP 6B7F8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!MessageBoxIndirectW 75C3E963 5 Bytes JMP 6B7F8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!MessageBoxExA 75C3E9C9 5 Bytes JMP 6B7F8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!MessageBoxExW 75C3E9ED 5 Bytes JMP 6B7F8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] USER32.dll!keybd_event 75C3EC3B 5 Bytes JMP 6B7FA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] SHELL32.dll!RealDriveType + 173D 75DFFE30 4 Bytes [CF, 01, 78, 6D] {IRET ; ADD [EAX+0x6d], EDI}
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] SHELL32.dll!RealDriveType + 1745 75DFFE38 8 Bytes [E0, 61, 77, 6D, 79, F7, 77, ...] {LOOPNZ 0x63; JA 0x71; JNS 0xfffffffffffffffd; JA 0x75}
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] ole32.dll!OleLoadFromStream 769B6143 5 Bytes JMP 6B7F955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] CRYPT32.dll!CryptImportPublicKeyInfoEx + 98 756539CA 7 Bytes JMP 0288EBF0
    .text C:\Program Files\Internet Explorer\iexplore.exe[5628] CRYPT32.dll!I_CryptEnumMatchingLruEntries + 1BFC 7565A6E4 7 Bytes JMP 0288EC60
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] kernel32.dll!CreateThread 7705DCC2 5 Bytes JMP 6B6675CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!EnableWindow 75BE8D02 5 Bytes JMP 6B6A9EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!GetAsyncKeyState 75BEA256 5 Bytes JMP 6B64DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!CallNextHookEx 75BEABE1 5 Bytes JMP 6B6C7FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!UnhookWindowsHookEx 75BEADF9 5 Bytes JMP 6B6EECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DefWindowProcA 75BEBB1C 7 Bytes JMP 6B6697F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!CreateWindowExA 75BEBF40 5 Bytes JMP 6B67362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!SetWindowsHookExW 75BEE30C 5 Bytes JMP 6B6A25AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!CreateWindowExW 75BEEC7C 5 Bytes JMP 6B6D03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!GetKeyState 75BF2B4D 5 Bytes JMP 6B64DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!IsDialogMessageW 75BF4104 5 Bytes JMP 6B7F9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DefWindowProcW 75BF507D 7 Bytes JMP 6B6C8042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!CreateDialogParamA 75C01F42 5 Bytes JMP 6B7F90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!IsDialogMessage 75C02019 5 Bytes JMP 6B7F982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxParamW 75C03B9B 5 Bytes JMP 6B60187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!CreateDialogIndirectParamA 75C0721D 5 Bytes JMP 6B7F9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!CreateDialogIndirectParamW 75C0EA10 5 Bytes JMP 6B7F9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxIndirectParamW 75C13B7F 5 Bytes JMP 6B7F8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!EndDialog 75C13BA3 5 Bytes JMP 6B7F9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!CreateDialogParamW 75C15630 5 Bytes JMP 6B7F90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!SetKeyboardState 75C1695A 5 Bytes JMP 6B7FA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!SendInput 75C17019 5 Bytes JMP 6B7FA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!SetCursorPos 75C2C1B0 5 Bytes JMP 6B7FA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxParamA 75C2CF42 5 Bytes JMP 6B7F8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxIndirectParamA 75C2D274 5 Bytes JMP 6B7F8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxIndirectA 75C3E869 5 Bytes JMP 6B7F8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxIndirectW 75C3E963 5 Bytes JMP 6B7F8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxExA 75C3E9C9 5 Bytes JMP 6B7F8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxExW 75C3E9ED 5 Bytes JMP 6B7F8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!keybd_event 75C3EC3B 5 Bytes JMP 6B7FA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] SHELL32.dll!RealDriveType + 173D 75DFFE30 4 Bytes [CF, 01, 78, 6D] {IRET ; ADD [EAX+0x6d], EDI}
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] SHELL32.dll!RealDriveType + 1745 75DFFE38 8 Bytes [E0, 61, 77, 6D, 79, F7, 77, ...] {LOOPNZ 0x63; JA 0x71; JNS 0xfffffffffffffffd; JA 0x75}
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] ole32.dll!OleLoadFromStream 769B6143 5 Bytes JMP 6B7F955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] CRYPT32.dll!CryptImportPublicKeyInfoEx + 98 756539CA 7 Bytes JMP 0292EBF0
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] CRYPT32.dll!I_CryptEnumMatchingLruEntries + 1BFC 7565A6E4 7 Bytes JMP 0292EC60

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6D787F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6D78F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\
     
    wayne jones,
    #5
  7. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    log part 3

    IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6D78AA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6D78939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6D775F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6D789229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6D77F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6D780ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6D78F2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6D79072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6D78F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6D791542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6D791C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6D77FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6D791191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6D77F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6D77FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6D791095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6D7912D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6D790DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6D791B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6D79194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6D791233] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6D77F86E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6D77F472] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6D7927C3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6D79136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6D791284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6D790F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6D792769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6D77F9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6D792937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6D777430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6D77F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6D77E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6D775D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6D79140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6D791590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6D791F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6D780123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6D79218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6D791BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6D77FACB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6D7919EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6D77FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6D7920D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6D790F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6D790D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6D77FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6D7918A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6D791CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6D79171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6D7917B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6D788C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6D78CB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6D78D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6D78D11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6D78C49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6D78B245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6D78A89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6D78E0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6D78A249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6D789AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6D78E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6D789F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6D78A56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6D77F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6D792B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [6D7764C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6D774CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6D776528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[700] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlFreeHeap] 51EC8B55
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlFreeUnicodeString] 8B565351
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!DbgPrintEx] FF560875
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlUpcaseUnicodeChar] 4751A415
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtClose] 85D88B00
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSetInformationFile] C2840FDB
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtOpenFile] 57000000
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQueryInformationFile] 0068406A
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCompareUnicodeString] FF000010
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAppendUnicodeStringToString] 006A5073
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAllocateHeap] 506415FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlUnicodeStringToInteger] F88B0047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtCreatePagingFile] 85FC7D89
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_alldiv] 9E840FFF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQuerySystemInformation] 8B000000
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_allmul] A4F3544B
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtFlushKey] 1443B70F
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtDeleteValueKey] 0653B70F
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSetValueKey] 1818448D
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtCreateKey] 8B0CC083
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCompareMemory] 08758B08
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtDeviceIoControlFile] 03FC7D8B
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlInitUnicodeStringEx] 8BF903F1
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlExtendedIntegerMultiply] C083FC48
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQueryVolumeInformationFile] A4F34A28
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQueryInformationProcess] 758BE975
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAppendUnicodeToString] 9C3D8BFC
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlInitUnicodeString] 2B004751
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSetSystemInformation] 458D0875
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlDosPathNameToNtPathName_U] 056A50F8
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlExpandEnvironmentStrings_U] [75FF016A] C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQueryValueKey] 85D7FFFC
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtCreateFile] EB2574C0
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtOpenKey] 04488B1D
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_vsnwprintf] 56F84D29
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!EtwEventWrite] 8B08508D
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!EtwEventEnabled] FC450300
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSetSecurityObject] 52F8C183
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetOwnerSecurityDescriptor] 5051E9D1
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetDaclSecurityDescriptor] 519815FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAddAccessAllowedAce] 7D830047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCreateAcl] DD7500F8
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCreateSecurityDescriptor] 50F8458D
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAllocateAndInitializeSid] 016A016A
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCreateUnicodeString] FFFC75FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtReadFile] 74C085D7
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_chkstk] 0C488D20
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtMakeTemporaryObject] C085018B
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtCreateSymbolicLinkObject] F18B1774
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtOpenDirectoryObject] 03FC4D8B
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAnsiStringToUnicodeString] 15FF50C1
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlInitAnsiString] [0047506C] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_stricmp] 8B14C683
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!qsort] [75C08506] C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlRandomEx] FC458BEB
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!LdrVerifyImageMatchesChecksumEx] C95B5E5F
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtCreateDirectoryObject] 560004C2
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlEqualUnicodeString] 8210BF57
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!memcpy] 8B570047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_wcsicmp] 6815FFF1
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetEnvironmentVariable] 6A004750
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!iswspace] 3C83580F
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlQueryEnvironmentVariable_U] 47822885
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlFindSetBits] 09740000
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlInterlockedSetBitRun] 8548C88B
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlTestBit] EBEF75C9
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlUnlockBootStatusData] 85348907
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlGetSetBootStatusData] [00478228] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlLockBootStatusData] 6015FF57
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetSaclSecurityDescriptor] 5F004750
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAddMandatoryAce] 5756C35E
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlLengthSid] 478210BF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlGetAce] F18B5700
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlPrefixUnicodeString] 506815FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQuerySymbolicLinkObject] 0F6A0047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtOpenSymbolicLinkObject] 85343958
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQueryDirectoryObject] [00478228] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlTimeToTimeFields] C88B0974
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSerializeBoot] [75C98548] C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!memset] 8308EBF0
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtMapViewOfSection] 82288524
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtCreateSection] 57000047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlQueryRegistryValues] 506015FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlDosSearchPath_U] 5E5F0047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtResumeThread] 800068C3
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtWaitForSingleObject] 006A0000
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtTerminateProcess] 5C15FF51
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlDestroyProcessParameters] 50004750
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCreateUserProcess] 519415FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCreateProcessParametersEx] 55C30047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtDisplayString] 5351EC8B
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtWriteFile] 35FF5756
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_wcsupr] [00478268] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAdjustPrivilege] 519015FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtInitializeRegistry] 8D590047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!TpReleaseWork] E8400044
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!TpPostWork] 000031BC
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!TpAllocWork] [75FFFC8B] C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSetEvent] FC7D8908
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetCurrentEnvironment] 826835FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCreateEnvironment] 60680047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtOpenEvent] 57004768
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetBits] 518C15FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlClearAllBits] DB330047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlInitializeBitMap] 3910C483
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtAlpcCreatePort] 6E7D085D
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSetInformationProcess] FFF63357
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlCreateTagHeap] 47505815
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlReleaseSRWLockExclusive] 85F88B00
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAcquireSRWLockExclusive] 8D3774FF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtSetInformationThread] 6A500845
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQueryInformationToken] FF575602
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtOpenThreadToken] 47518815
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtAlpcImpersonateClientOfPort] 7CC08500
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlReleaseSRWLockShared] FF556A25
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAcquireSRWLockShared] 15FFFC75
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!TpSetPoolMinThreads] [00475184] C:\Windows\system32\smss.exe (Windows Session Manager/
     
    wayne jones,
    #6
  8. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    log part 4

    Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtAlpcDisconnectPort] C9335959
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlInitializeSRWLock] 08896657
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtConnectPort] FFFE1FE8
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!AlpcGetMessageAttribute] 85D88BFF
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtAlpcAcceptConnectPort] 8B0774DB
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtAlpcOpenSenderProcess] F72B0875
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtAlpcCancelMessage] FF57F303
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtAlpcSendWaitReceivePort] 47505415
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!AlpcInitializeMessageAttribute] 74F68500
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetThreadIsCritical] FC4D8B53
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtRequestWaitReplyPort] 478100BA
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtDuplicateObject] 85D6FF00
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtCreateEvent] 684575C0
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlWakeConditionVariable] 00008000
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlClearBits] 15FF5350
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlDeleteNoSplay] [0047505C] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtClearEvent] 5D3936EB
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSleepConditionVariableSRW] BB31740C
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlWakeAllConditionVariable] [00478210] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlFindClearBits] 6815FF53
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlFreeSid] BE004750
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtRaiseHardError] [00478264] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtWaitForMultipleObjects] C085068B
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!TpAllocAlpcCompletion] 4D8B0774
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!TpAllocPool] FFD78B08
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetProcessIsCritical] 83C68BD0
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!EtwEventRegister] 283D04EE
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSetHeapInformation] 75004782
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlInitializeConditionVariable] 15FF53E7
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtDelayExecution] [00475060] C:\Windows\system32\smss.exe (Windows Session Manager/Microsoft Corporation)
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlUnicodeStringToAnsiString] 5FF0658D
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!NtQueryEvent] C2C95B5E
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlReleasePrivilege] 8B550008
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlAcquirePrivilege] B8EC81EC
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!LdrQueryImageFileExecutionOptions] 53000008
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!wcstoul] 0B6A5756
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!_wcsnicmp] 6894BE59
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlUnhandledExceptionFilter] BD8D0047
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlUnwind] FFFFFF4C
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlNormalizeProcessParams] 526AA5F3
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlConnectToSm] 858DFF33
    IAT C:\Windows\system32\services.exe[740] @ C:\Windows\system32\smss.exe [ntdll.dll!RtlSendMsgToSm] FFFFFF78
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6D787F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6D78F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6D78AA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6D78939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6D775F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6D789229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6D77F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6D780ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6D78F2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6D79072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6D78F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6D791542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6D791C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6D77FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6D791191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6D77F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6D77FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6D791095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6D7912D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6D790DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6D791B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6D79194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6D791233] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6D77F86E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6D77F472] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6D7927C3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6D79136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6D791284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6D790F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6D792769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6D77F9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6D792937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6D777430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6D77F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6D77E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6D775D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6D79140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6D791590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6D791F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6D780123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6D79218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6D791BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6D77FACB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6D7919EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6D77FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6D7920D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6D790F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6D790D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6D77FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6D7918A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6D791CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6D79171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6D7917B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6D788C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6D78CB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6D78D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6D78D11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6D78C49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6D78B245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6D78A89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6D78E0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6D78A249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6D789AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6D78E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6D789F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6D78A56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6D77F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6D792B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [6D7764C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6D774CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6D776528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT
     
    wayne jones,
    #7
  9. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    log part 5

    C:\Program Files\Internet Explorer\iexplore.exe[4888] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4960] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [753BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4960] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [753BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4960] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [753BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4960] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [753BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4960] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [753BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4960] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [753BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4960] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [753BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6D787F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6D78F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6D78AA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6D78939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6D775F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6D789229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6D77F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6D780ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6D78F2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6D79072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6D78F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6D791542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6D791C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6D77FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6D791191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6D77F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6D77FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6D791095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6D7912D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6D790DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6D791B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6D79194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6D791233] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6D77F86E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6D77F472] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6D7927C3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6D79136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6D791284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6D790F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6D792769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6D77F9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6D792937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6D777430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6D77F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6D77E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6D775D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6D79140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6D791590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6D791F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6D780123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6D79218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6D791BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6D77FACB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6D7919EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6D77FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6D7920D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6D790F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6D790D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6D77FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6D7918A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6D791CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6D79171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6D7917B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6D788C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6D78CB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6D78D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6D78D11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6D78C49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6D78B245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6D78A89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6D78E0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6D78A249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6D789AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6D78E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6D789F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6D78A56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\
     
    wayne jones,
    #8
  10. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    log part 6

    Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6D77F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6D792B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [6D7764C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6D774CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6D776528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5628] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6D787F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6D78F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6D78C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6D78AA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6D775EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6D78FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6D7907CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6D78939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6D7763E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6D78029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6D775F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6D789229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6D77F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6D775E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6D780ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6D78F2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6D78F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6D79072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6D78F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6D791542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6D791C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6D77FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6D791191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6D77F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6D77FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6D791095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6D7912D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6D790DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6D791B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6D79194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6D791233] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6D77F86E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6D77F472] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6D7927C3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6D79136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6D791284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6D790F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6D792769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6D77F9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6D792937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6D777430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6D77F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6D77E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6D775D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6D79140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6D791590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6D791F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6D780123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6D79218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6D791BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6D77FACB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6D7919EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6D77FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6D7920D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6D790F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6D790D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6D77FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6D7918A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6D791CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6D79171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6D7917B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6D788C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6D78CB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6D78D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6D78D11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6D78C49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D78B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6D78B245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6D78A89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6D78E0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D78ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6D78A249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6D789AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6D78E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6D78E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6D789F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6D78BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6D78A56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6D774E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6D776D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6D77F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6D791F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6D792028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6D792B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6D792B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6D780178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [6D7764C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6D774CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6D774927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6D774984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6D776528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[5708] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6D7747BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

    Device \Driver\ACPI_HAL \Device\00000045 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    ---- EOF - GMER 1.0.15 ----
     
    wayne jones,
    #9
  11. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    aswMBR log

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-07-17 14:46:37
    -----------------------------
    14:46:37.761 OS Version: Windows 6.1.7601 Service Pack 1
    14:46:37.761 Number of processors: 2 586 0x170A
    14:46:37.761 ComputerName: WAYNE-PC UserName: Wayne
    14:46:39.853 Initialize success
    14:47:05.200 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-4
    14:47:05.200 Disk 0 Vendor: ST3500418AS CC46 Size: 476940MB BusType: 3
    14:47:05.231 Disk 0 MBR read successfully
    14:47:05.231 Disk 0 MBR scan
    14:47:05.231 Disk 0 Windows 7 default MBR code
    14:47:05.247 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    14:47:05.247 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
    14:47:05.262 Disk 0 scanning sectors +976771072
    14:47:05.434 Disk 0 scanning C:\Windows\system32\drivers
    14:47:27.532 Service scanning
    14:47:43.736 Modules scanning
    14:50:41.782 Disk 0 trace - called modules:
    14:50:41.883 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
    14:50:41.891 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8630b030]
    14:50:42.274 3 CLASSPNP.SYS[8d26759e] -> nt!IofCallDriver -> [0x85e4f810]
    14:50:42.274 5 ACPI.sys[8ca1c3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-4[0x85e4f030]
    14:50:42.282 Scan finished successfully
    14:51:46.102 Disk 0 MBR has been saved successfully to "C:\Users\Wayne\Desktop\MBR.dat "
    14:51:46.102 The log file has been saved successfully to "C:\Users\Wayne\Desktop\aswMBR.log "
     
    wayne jones,
    #10
  12. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    malware byte log

    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.18.06

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Wayne :: WAYNE-PC [administrator]

    18/07/2012 16:30:17
    mbam-log-2012-07-18 (16-30-17).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 227280
    Time elapsed: 4 minute(s), 57 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 5
    C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Delete on reboot.
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\00000004.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\80000000.@ (Trojan.Sirefef) -> Quarantined and deleted successfully.

    (end)
     
    wayne jones,
    #11
  13. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    DDS logs

    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by Wayne at 16:36:48 on 2012-07-18
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3519.2129 [GMT 1:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
    C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\PnkBstrB.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Microsoft Location Finder\LocationFinder.exe
    C:\Program Files\Steam\steam.exe
    C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHJE.EXE
    C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    C:\Program Files\PictureMover\Bin\PictureMover.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Steam\SteamService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Windows\System32\svchost.exe" -k LocalServiceDns
    "C:\Windows\System32\svchost.exe" -k LocalServiceDns
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.talktalk.co.uk/
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    uRun: [Microsoft Location Finder] "c:\program files\microsoft location finder\LocationFinder.exe "
    uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
    uRun: [EPSON SX130 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatihje.exe /fu "c:\windows\temp\E_S28F3.tmp" /EF "HKCU "
    uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
    mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe "
    mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe "
    mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\programdata\malwarebytes\malwarebytes' anti-malware\cleanup.dll ",ProcessCleanupScript
    StartupFolder: c:\users\wayne\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\picturemover\bin\PictureMover.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office10\EXCEL.EXE/3000
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
    LSP: mswsock.dll
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{61BB5B76-AC84-44F8-8017-0D708A4772AE} : DhcpNameServer = 192.168.0.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2012-1-1 153600]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2012-1-1 121856]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-3-15 2348352]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-2-29 382272]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-3-24 187392]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-3-24 1108480]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-13 136176]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-17 250056]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-13 136176]
    S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\drivers\btblan.sys [2011-11-12 33792]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-24 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-24 1343400]
    .
    =============== Created Last 30 ================
    .
    2012-07-18 15:35:23 54016 ----a-w- c:\windows\system32\drivers\qlutk.sys
    2012-07-15 15:01:36 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2012-07-15 13:31:51 -------- d-----w- c:\users\wayne\appdata\local\Turbine
    2012-07-15 13:31:47 -------- d-----w- c:\users\wayne\appdata\local\ApplicationHistory
    2012-07-15 13:31:04 -------- d-----w- c:\windows\system32\URTTEMP
    2012-07-10 21:22:04 2345984 ----a-w- c:\windows\system32\win32k.sys
    2012-06-22 20:00:54 -------- d-----w- c:\program files\1ClickDownload
    2012-06-19 06:38:56 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-19 06:38:41 88576 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-19 06:38:27 33792 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-19 06:38:27 171904 ----a-w- c:\windows\system32\wuwebv.dll
    .
    ==================== Find3M ====================
    .
    2012-07-11 21:26:07 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-07-11 21:26:07 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-07-03 12:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
    2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll
    2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
    2012-05-01 04:44:12 164352 ----a-w- c:\windows\system32\profsvc.dll
    2012-04-28 03:17:07 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-26 04:45:55 58880 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-04-26 04:45:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-04-26 04:41:16 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-04-24 04:36:42 140288 ----a-w- c:\windows\system32\cryptsvc.dll
    2012-04-24 04:36:42 1158656 ----a-w- c:\windows\system32\crypt32.dll
    2012-04-24 04:36:42 103936 ----a-w- c:\windows\system32\cryptnet.dll
    .
    ============= FINISH: 16:37:23.86 ===============
     
    wayne jones,
    #12
  14. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    DDS log file 2

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 24/03/2011 02:45:04
    System Uptime: 18/07/2012 07:43:12 (9 hours ago)
    .
    Motherboard: ASRock | | G41C-S
    Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz | CPUSocket | 2991/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 51.404 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP152: 19/06/2012 07:38:05 - Windows Update
    RP153: 23/06/2012 09:50:39 - Installed calibre
    RP154: 10/07/2012 22:21:39 - Windows Update
    RP156: 15/07/2012 14:30:35 - Installed DirectX
    .
    ==== Installed Programs ======================
    .
    ABBYY FineReader 9.0 Sprint
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.3)
    Adobe Shockwave Player 11.6
    Any Video Converter 2.7.0
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ASRock InstantBoot v1.23
    Autorota Professional 2.13 (eval)
    AVG 2012
    Battlefield Heroes
    Battlefield Play4Free
    BitTorrent
    Bonjour
    calibre
    Compatibility Pack for the 2007 Office system
    Deus Ex Human Revolution
    Dungeons & Dragons Online®
    Epson Easy Photo Print 2
    Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
    Epson Event Manager
    EPSON Scan
    EPSON SX130 Series Printer Uninstall
    Fallout 3
    Football Manager 2012
    Football Manager 2012 Editor
    Gears of War
    Google Chrome
    Google Earth
    Google Update Helper
    iCloud
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 31
    LeapFrog Connect
    LeapFrog LeapPad Explorer Plugin
    Malwarebytes Anti-Malware version 1.62.0.1300
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Location Finder
    Microsoft Office XP Professional with FrontPage
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    NVIDIA 3D Vision Controller Driver 296.10
    NVIDIA 3D Vision Driver 296.10
    NVIDIA Control Panel 296.10
    NVIDIA Graphics Driver 296.10
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.0213
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.7.11
    NVIDIA Update Components
    OpenOffice.org 3.3
    PictureMover
    Platform
    PunkBuster Services
    QuickTime
    Realtek Ethernet Controller Driver
    Safari
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Singularity
    SopCast 3.3.2
    Star Wars JK II Jedi Outcast
    Steam
    swMSM
    System Requirements Lab
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
    User's Guide EPSON SX130 Series
    VIA Platform Device Manager
    VLC media player 1.1.7
    Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
    Windows Live ID Sign-in Assistant
    WinRAR 4.01 (32-bit)
    .
    ==== Event Viewer Messages From Past Week ========
    .
    18/07/2012 07:46:33, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
    18/07/2012 07:45:37, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.
    17/07/2012 16:34:25, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} and APPID {9209B1A6-964A-11D0-9372-00A0C9034910} to the user Wayne-PC\Wayne SID (S-1-5-21-2689820159-702822217-135784562-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    .
    ==== End Of File ===========================
     
    wayne jones,
    #13
  15. 2012/07/18
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Thank you :)

    Our Malware analyst will take a look at the logs as soon as he can.
     
    PeteC,
    #14
  16. 2012/07/18
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    Thank you

    Thank you
     
    wayne jones,
    #15
  17. 2012/07/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ========================================

    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    [color= "#0000FF"]To enter System Recovery Options from the Advanced Boot Options:[/color]
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    [color= "#0000FF"]To enter System Recovery Options by using Windows installation disc:[/color]
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    [color= "#008000"]On the System Recovery Options menu you will get the following options:[/color]

      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type [color= "#FF0000"]e[/color]:\frst.exe (for x64 bit version type [color= "#FF0000"]e[/color]:\frst64) and press Enter
      Note: Replace letter [color= "#FF0000"]e[/color] with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
    broni,
    #16
  18. 2012/07/19
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    FRST.exe log

    Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 16-07-2012 01
    Ran by Wayne at 19-07-2012 18:34:59
    Running from E:\
    Service Pack 1 (X86) OS Language: English(US)
    Attention: Could not load system hive.ERROR: The process cannot access the file because it is being used by another process.

    ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNTION PROPERLY.


    ============ One Month Created Files and Folders ==============

    2012-07-19 18:30 - 2012-07-19 18:30 - 00000000 ____A C:\Windows\System32\PerfStringBackup.TMP
    2012-07-19 18:15 - 2012-07-19 18:34 - 00000000 ____D C:\FRST
    2012-07-19 18:15 - 2012-07-19 18:15 - 00891630 ____A (Farbar) C:\Users\Wayne\Downloads\FRST.exe
    2012-07-17 14:51 - 2012-07-17 14:51 - 00001646 ____A C:\Users\Wayne\Desktop\aswMBR.log
    2012-07-17 14:51 - 2012-07-17 14:51 - 00000512 ____A C:\Users\Wayne\Desktop\MBR.dat
    2012-07-17 14:44 - 2012-07-17 14:44 - 00214237 ____A C:\Users\Wayne\Desktop\gmer.log
    2012-07-15 16:01 - 2012-07-15 16:01 - 00000000 __SHD C:\Windows\System32\%APPDATA%
    2012-07-15 14:32 - 2012-07-15 14:32 - 00000093 ____A C:\Users\Wayne\AppData\Local\fusioncache.dat
    2012-07-15 14:31 - 2012-07-15 14:31 - 00000000 ____D C:\Users\Wayne\AppData\Local\Turbine
    2012-07-10 22:23 - 2012-06-02 10:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-07-10 22:23 - 2012-06-02 09:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-07-10 22:23 - 2012-06-02 09:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-07-10 22:23 - 2012-06-02 09:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-07-10 22:23 - 2012-06-02 09:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-07-10 22:23 - 2012-06-02 09:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-07-10 22:23 - 2012-06-02 09:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-07-10 22:23 - 2012-06-02 09:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-07-10 22:23 - 2012-06-02 09:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-07-10 22:23 - 2012-06-02 09:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-07-10 22:23 - 2012-06-02 09:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-07-10 22:23 - 2012-06-02 09:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-07-10 22:23 - 2012-06-02 09:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-07-10 22:23 - 2012-06-02 09:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-07-10 22:22 - 2012-06-12 03:40 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-07-10 22:18 - 2012-06-09 05:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2012-07-10 22:18 - 2012-06-06 06:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2012-07-10 22:18 - 2012-06-06 06:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
    2012-07-10 22:18 - 2012-06-06 06:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
    2012-07-10 22:18 - 2012-06-02 05:45 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
    2012-07-10 22:18 - 2012-06-02 05:45 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
    2012-07-10 22:18 - 2012-06-02 05:40 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
    2012-07-10 22:18 - 2012-06-02 05:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
    2012-07-10 22:18 - 2012-06-02 05:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
    2012-07-10 22:18 - 2010-06-26 04:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
    2012-06-29 11:22 - 2012-06-29 11:22 - 00000000 ____D C:\Users\Wayne\AppData\Roaming\dvdcss
    2012-06-23 09:48 - 2012-06-23 09:49 - 47520256 ____A C:\Users\Wayne\Downloads\calibre-0.8.57.msi
    2012-06-22 21:00 - 2012-06-22 21:00 - 00000000 ____D C:\Program Files\1ClickDownload
    2012-06-19 07:38 - 2012-06-02 23:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-19 07:38 - 2012-06-02 23:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-19 07:38 - 2012-06-02 23:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-19 07:38 - 2012-06-02 23:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-19 07:38 - 2012-06-02 23:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-19 07:38 - 2012-06-02 23:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-19 07:38 - 2012-06-02 23:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-19 07:38 - 2012-06-02 15:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-19 07:38 - 2012-06-02 15:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe

    ============ 3 Months Modified Files ========================

    2012-07-19 18:33 - 2011-06-13 16:12 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-07-19 18:33 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-07-19 18:33 - 2009-07-14 05:39 - 01069505 ____A C:\Windows\setupact.log
    2012-07-19 18:30 - 2012-07-19 18:30 - 00000000 ____A C:\Windows\System32\PerfStringBackup.TMP
    2012-07-19 18:30 - 2011-03-24 03:44 - 01202483 ____A C:\Windows\WindowsUpdate.log
    2012-07-19 18:30 - 2009-07-14 05:34 - 00014752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-07-19 18:30 - 2009-07-14 05:34 - 00014752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-07-19 18:26 - 2012-04-17 07:26 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-07-19 18:15 - 2012-07-19 18:15 - 00891630 ____A (Farbar) C:\Users\Wayne\Downloads\FRST.exe
    2012-07-19 17:47 - 2011-06-13 16:12 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-07-19 13:22 - 2011-03-24 03:49 - 00739790 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-07-19 08:15 - 2011-03-24 03:00 - 00021722 ____A C:\Windows\PFRO.log
    2012-07-17 14:51 - 2012-07-17 14:51 - 00001646 ____A C:\Users\Wayne\Desktop\aswMBR.log
    2012-07-17 14:51 - 2012-07-17 14:51 - 00000512 ____A C:\Users\Wayne\Desktop\MBR.dat
    2012-07-17 14:44 - 2012-07-17 14:44 - 00214237 ____A C:\Users\Wayne\Desktop\gmer.log
    2012-07-15 16:08 - 2012-02-20 15:53 - 00001067 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-07-15 14:32 - 2012-07-15 14:32 - 00000093 ____A C:\Users\Wayne\AppData\Local\fusioncache.dat
    2012-07-12 17:44 - 2012-05-29 19:23 - 00002286 ____A C:\Users\Public\Desktop\Google Chrome.lnk
    2012-07-11 22:26 - 2012-04-17 07:26 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-07-11 22:26 - 2011-05-13 07:49 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-07-11 16:09 - 2009-07-14 05:33 - 00314648 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-07-10 22:22 - 2011-03-24 04:07 - 57442464 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-07-03 13:46 - 2011-03-24 21:20 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-07-03 08:25 - 2011-09-05 10:46 - 00014595 ____A C:\Users\Wayne\Documents\walking on (no more tears).odt
    2012-06-23 09:51 - 2012-05-03 15:21 - 00000930 ____A C:\Users\Public\Desktop\calibre - E-book management.lnk
    2012-06-23 09:49 - 2012-06-23 09:48 - 47520256 ____A C:\Users\Wayne\Downloads\calibre-0.8.57.msi
    2012-06-20 16:51 - 2011-03-24 23:33 - 00000933 ____A C:\Users\Public\Desktop\BitTorrent.lnk
    2012-06-14 21:52 - 2009-07-14 05:53 - 00032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2012-06-12 18:18 - 2012-06-12 18:18 - 00001753 ____A C:\Users\Public\Desktop\iTunes.lnk
    2012-06-12 03:40 - 2012-07-10 22:22 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-06-11 10:14 - 2012-06-11 10:14 - 00001815 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
    2012-06-09 05:41 - 2012-07-10 22:18 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2012-06-06 06:05 - 2012-07-10 22:18 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2012-06-06 06:05 - 2012-07-10 22:18 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
    2012-06-06 06:03 - 2012-07-10 22:18 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
    2012-06-02 23:19 - 2012-06-19 07:38 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-02 23:19 - 2012-06-19 07:38 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-02 23:19 - 2012-06-19 07:38 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-02 23:19 - 2012-06-19 07:38 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-02 23:19 - 2012-06-19 07:38 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-02 23:12 - 2012-06-19 07:38 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-02 23:12 - 2012-06-19 07:38 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-02 15:20 - 2011-03-24 09:04 - 00120235 ____A C:\Windows\DirectX.log
    2012-06-02 15:19 - 2012-06-19 07:38 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-02 15:12 - 2012-06-19 07:38 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2012-06-02 10:07 - 2012-07-10 22:23 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-06-02 09:43 - 2012-07-10 22:23 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-06-02 09:33 - 2012-07-10 22:23 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-06-02 09:26 - 2012-07-10 22:23 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-06-02 09:25 - 2012-07-10 22:23 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-06-02 09:25 - 2012-07-10 22:23 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-06-02 09:23 - 2012-07-10 22:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-06-02 09:21 - 2012-07-10 22:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-06-02 09:20 - 2012-07-10 22:23 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-06-02 09:19 - 2012-07-10 22:23 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-06-02 09:19 - 2012-07-10 22:23 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-06-02 09:17 - 2012-07-10 22:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-06-02 09:16 - 2012-07-10 22:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-06-02 09:14 - 2012-07-10 22:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-06-02 05:45 - 2012-07-10 22:18 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
    2012-06-02 05:45 - 2012-07-10 22:18 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
    2012-06-02 05:40 - 2012-07-10 22:18 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
    2012-06-02 05:40 - 2012-07-10 22:18 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
    2012-06-02 05:39 - 2012-07-10 22:18 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
    2012-05-29 19:23 - 2012-05-29 19:23 - 00002170 ____A C:\Users\Public\Desktop\Google Earth.lnk
    2012-05-29 08:30 - 2012-01-24 19:51 - 00000935 ____A C:\Users\Public\Desktop\AVG 2012.lnk
    2012-05-15 19:43 - 2011-11-08 18:51 - 00002479 ____A C:\Users\Public\Desktop\Safari.lnk
    2012-05-01 05:44 - 2012-06-14 07:54 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
    2012-04-28 04:17 - 2012-06-14 07:54 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
    2012-04-26 05:45 - 2012-06-14 07:54 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
    2012-04-26 05:45 - 2012-06-14 07:54 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
    2012-04-26 05:41 - 2012-06-14 07:54 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
    2012-04-24 05:36 - 2012-06-14 07:54 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2012-04-24 05:36 - 2012-06-14 07:54 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2012-04-24 05:36 - 2012-06-14 07:54 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll


    ZeroAccess:
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L\00000004.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L\1afb2d56
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L\201d3dde
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\00000004.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\00000008.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\000000cb.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\80000000.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\80000032.@

    ZeroAccess:
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\@
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\n
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U

    ZeroAccess:
    C:\Windows\assembly\GAC\Desktop.ini

    ========================= Bamital & volsnap Check ============

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ========================= Memory info ======================

    Percentage of memory in use: 31%
    Total physical RAM: 3519.09 MB
    Available physical RAM: 2399.56 MB
    Total Pagefile: 7034.4 MB
    Available Pagefile: 5865.81 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1961.74 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:465.66 GB) (Free:55.63 GB) NTFS
    3 Drive e: () (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 0 B
    Disk 1 Online 961 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 465 GB 101 MB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

    ==================================================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 465 GB Healthy Boot

    ==================================================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 960 MB 16 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 06
    Hidden: No
    this is the log from FRST, unfortunately i could not run it from ops sys account in the note pad because i do not know the password to get into the command prompt (i have never put a password in so i do not know what to do). I just started the computer as normal and run FRST from the flash drive, so i dont know if these results will be any good to you.

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E FAT Removable 960 MB Healthy

    ==================================================================================

    ==========================================================

    Last Boot: 2011-12-21 16:14

    ======================= End Of Log ==========================
     
    wayne jones,
    #17
  19. 2012/07/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You ran the tool from within Windows.
    That won't work.
    Re-read my instructions.
     
    broni,
    #18
  20. 2012/07/20
    wayne jones

    wayne jones Inactive Thread Starter

    Joined:
    2008/02/24
    Messages:
    86
    Likes Received:
    0
    FRST log as requested

    Ran by SYSTEM at 20-07-2012 09:31:22
    Running from F:\
    Windows 7 Home Premium (X86) OS Language: English(US)
    The current controlset is ControlSet001

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r [1728512 2009-12-03] (VIA)
    HKLM\...\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" [2587008 2012-04-04] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
    HKLM\...\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe" [268640 2011-11-12] (LeapFrog Enterprises, Inc.)
    HKLM\...\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" [979328 2010-08-30] (SEIKO EPSON CORPORATION)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
    HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
    HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
    HKU\Wayne\...\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe" [121640 2006-11-06] (Microsoft Corporation)
    HKU\Wayne\...\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent [1242448 2011-11-14] (Valve Corporation)
    HKU\Wayne\...\Run: [EPSON SX130 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE /FU "C:\Windows\TEMP\E_S28F3.tmp" /EF "HKCU" [208384 2010-12-07] (SEIKO EPSON CORPORATION)
    HKU\Wayne\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\PictureMover.lnk
    ShortcutTarget: PictureMover.lnk -> C:\Program Files\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
    Startup: C:\Users\Wayne\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
    ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

    ================================ Services (Whitelisted) ==================

    2 ABBYY.Licensing.FineReader.Sprint.9.0; "C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service [759048 2009-05-14] (ABBYY)
    2 AVGIDSAgent; "C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe" [5106744 2012-04-30] (AVG Technologies CZ, s.r.o.)
    2 avgwd; "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-13] (AVG Technologies CZ, s.r.o.)
    2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2009-09-14] (SEIKO EPSON CORPORATION)
    2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2009-09-14] (SEIKO EPSON CORPORATION)
    2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
    2 MDM; "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" [322120 2003-06-19] (Microsoft Corporation)
    2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2348352 2012-02-29] (NVIDIA Corporation)
    2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-07-10] ()
    2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2011-07-10] ()
    2 Stereo Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382272 2012-02-29] (NVIDIA Corporation)

    ========================== Drivers (Whitelisted) =============

    3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [139856 2011-12-23] (AVG Technologies CZ, s.r.o. )
    3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
    0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-18] (AVG Technologies CZ, s.r.o. )
    3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
    1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [235216 2012-02-21] (AVG Technologies CZ, s.r.o.)
    1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
    0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-30] (AVG Technologies CZ, s.r.o.)
    1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [301248 2012-03-18] (AVG Technologies CZ, s.r.o.)
    3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1108480 2009-11-25] (VIA Technologies, Inc.)

    ========================== NetSvcs (Whitelisted) ===========


    ============ One Month Created Files and Folders ==============

    2012-07-19 09:15 - 2012-07-20 00:22 - 00000000 ____D C:\FRST
    2012-07-19 09:15 - 2012-07-19 09:15 - 00891630 ____A (Farbar) C:\Users\Wayne\Downloads\FRST.exe
    2012-07-17 05:51 - 2012-07-17 05:51 - 00001646 ____A C:\Users\Wayne\Desktop\aswMBR.log
    2012-07-17 05:51 - 2012-07-17 05:51 - 00000512 ____A C:\Users\Wayne\Desktop\MBR.dat
    2012-07-17 05:44 - 2012-07-17 05:44 - 00214237 ____A C:\Users\Wayne\Desktop\gmer.log
    2012-07-15 07:01 - 2012-07-15 07:01 - 00000000 __SHD C:\Windows\System32\%APPDATA%
    2012-07-15 05:32 - 2012-07-15 05:32 - 00000093 ____A C:\Users\Wayne\AppData\Local\fusioncache.dat
    2012-07-15 05:31 - 2012-07-15 05:31 - 00000000 ____D C:\Users\Wayne\AppData\Local\Turbine
    2012-07-10 13:23 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-07-10 13:23 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-07-10 13:23 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-07-10 13:23 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-07-10 13:23 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-07-10 13:23 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-07-10 13:23 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-07-10 13:23 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-07-10 13:23 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-07-10 13:23 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-07-10 13:23 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-07-10 13:23 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-07-10 13:23 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-07-10 13:23 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-07-10 13:22 - 2012-06-11 18:40 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-07-10 13:18 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2012-07-10 13:18 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2012-07-10 13:18 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
    2012-07-10 13:18 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
    2012-07-10 13:18 - 2012-06-01 20:45 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
    2012-07-10 13:18 - 2012-06-01 20:45 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
    2012-07-10 13:18 - 2012-06-01 20:40 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
    2012-07-10 13:18 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
    2012-07-10 13:18 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
    2012-07-10 13:18 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
    2012-06-29 02:22 - 2012-06-29 02:22 - 00000000 ____D C:\Users\Wayne\AppData\Roaming\dvdcss
    2012-06-23 00:48 - 2012-06-23 00:49 - 47520256 ____A C:\Users\Wayne\Downloads\calibre-0.8.57.msi
    2012-06-22 12:00 - 2012-06-22 12:00 - 00000000 ____D C:\Program Files\1ClickDownload

    ============ 3 Months Modified Files ========================

    2012-07-20 00:28 - 2011-03-23 18:44 - 01223173 ____A C:\Windows\WindowsUpdate.log
    2012-07-20 00:28 - 2009-07-13 20:34 - 00014752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-07-20 00:28 - 2009-07-13 20:34 - 00014752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-07-20 00:26 - 2012-04-16 22:26 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-07-20 00:25 - 2011-06-13 07:12 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-07-20 00:24 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-07-20 00:24 - 2009-07-13 20:39 - 01072249 ____A C:\Windows\setupact.log
    2012-07-19 23:47 - 2011-06-13 07:12 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-07-19 10:38 - 2011-03-23 18:49 - 00739790 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-07-19 09:15 - 2012-07-19 09:15 - 00891630 ____A (Farbar) C:\Users\Wayne\Downloads\FRST.exe
    2012-07-18 23:15 - 2011-03-23 18:00 - 00021722 ____A C:\Windows\PFRO.log
    2012-07-17 05:51 - 2012-07-17 05:51 - 00001646 ____A C:\Users\Wayne\Desktop\aswMBR.log
    2012-07-17 05:51 - 2012-07-17 05:51 - 00000512 ____A C:\Users\Wayne\Desktop\MBR.dat
    2012-07-17 05:44 - 2012-07-17 05:44 - 00214237 ____A C:\Users\Wayne\Desktop\gmer.log
    2012-07-15 07:08 - 2012-02-20 06:53 - 00001067 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-07-15 05:32 - 2012-07-15 05:32 - 00000093 ____A C:\Users\Wayne\AppData\Local\fusioncache.dat
    2012-07-12 08:44 - 2012-05-29 10:23 - 00002286 ____A C:\Users\Public\Desktop\Google Chrome.lnk
    2012-07-11 13:26 - 2012-04-16 22:26 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-07-11 13:26 - 2011-05-12 22:49 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-07-11 07:09 - 2009-07-13 20:33 - 00314648 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-07-10 13:22 - 2011-03-23 19:07 - 57442464 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-07-03 04:46 - 2011-03-24 12:20 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-07-02 23:25 - 2011-09-05 01:46 - 00014595 ____A C:\Users\Wayne\Documents\walking on (no more tears).odt
    2012-06-23 00:51 - 2012-05-03 06:21 - 00000930 ____A C:\Users\Public\Desktop\calibre - E-book management.lnk
    2012-06-23 00:49 - 2012-06-23 00:48 - 47520256 ____A C:\Users\Wayne\Downloads\calibre-0.8.57.msi
    2012-06-20 07:51 - 2011-03-24 14:33 - 00000933 ____A C:\Users\Public\Desktop\BitTorrent.lnk
    2012-06-14 12:52 - 2009-07-13 20:53 - 00032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2012-06-12 09:18 - 2012-06-12 09:18 - 00001753 ____A C:\Users\Public\Desktop\iTunes.lnk
    2012-06-11 18:40 - 2012-07-10 13:22 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-06-11 01:14 - 2012-06-11 01:14 - 00001815 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
    2012-06-08 20:41 - 2012-07-10 13:18 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2012-06-05 21:05 - 2012-07-10 13:18 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2012-06-05 21:05 - 2012-07-10 13:18 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
    2012-06-05 21:03 - 2012-07-10 13:18 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
    2012-06-02 14:19 - 2012-06-18 22:38 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-02 14:19 - 2012-06-18 22:38 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-02 14:19 - 2012-06-18 22:38 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-02 14:19 - 2012-06-18 22:38 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-02 14:19 - 2012-06-18 22:38 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-02 14:12 - 2012-06-18 22:38 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-02 14:12 - 2012-06-18 22:38 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-02 06:20 - 2011-03-24 00:04 - 00120235 ____A C:\Windows\DirectX.log
    2012-06-02 06:19 - 2012-06-18 22:38 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-02 06:12 - 2012-06-18 22:38 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2012-06-02 01:07 - 2012-07-10 13:23 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-06-02 00:43 - 2012-07-10 13:23 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-06-02 00:33 - 2012-07-10 13:23 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-06-02 00:26 - 2012-07-10 13:23 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-06-02 00:25 - 2012-07-10 13:23 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-06-02 00:25 - 2012-07-10 13:23 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-06-02 00:23 - 2012-07-10 13:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-06-02 00:21 - 2012-07-10 13:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-06-02 00:20 - 2012-07-10 13:23 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-06-02 00:19 - 2012-07-10 13:23 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-06-02 00:19 - 2012-07-10 13:23 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-06-02 00:17 - 2012-07-10 13:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-06-02 00:16 - 2012-07-10 13:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-06-02 00:14 - 2012-07-10 13:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-06-01 20:45 - 2012-07-10 13:18 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
    2012-06-01 20:45 - 2012-07-10 13:18 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
    2012-06-01 20:40 - 2012-07-10 13:18 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
    2012-06-01 20:40 - 2012-07-10 13:18 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
    2012-06-01 20:39 - 2012-07-10 13:18 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
    2012-05-29 10:23 - 2012-05-29 10:23 - 00002170 ____A C:\Users\Public\Desktop\Google Earth.lnk
    2012-05-28 23:30 - 2012-01-24 10:51 - 00000935 ____A C:\Users\Public\Desktop\AVG 2012.lnk
    2012-05-15 10:43 - 2011-11-08 09:51 - 00002479 ____A C:\Users\Public\Desktop\Safari.lnk
    2012-04-30 20:44 - 2012-06-13 22:54 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
    2012-04-27 19:17 - 2012-06-13 22:54 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
    2012-04-25 20:45 - 2012-06-13 22:54 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
    2012-04-25 20:45 - 2012-06-13 22:54 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
    2012-04-25 20:41 - 2012-06-13 22:54 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
    2012-04-23 20:36 - 2012-06-13 22:54 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2012-04-23 20:36 - 2012-06-13 22:54 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2012-04-23 20:36 - 2012-06-13 22:54 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll


    ZeroAccess:
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L\00000004.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L\1afb2d56
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L\201d3dde
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\00000004.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\00000008.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\000000cb.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\80000000.@
    C:\Windows\Installer\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U\80000032.@

    ZeroAccess:
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\@
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\L
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\n
    C:\Users\Wayne\AppData\Local\{344001ee-42f7-1a2d-a4f0-5a595955afd3}\U

    ZeroAccess:
    C:\Windows\assembly\GAC\Desktop.ini

    ========================= Known DLLs (Whitelisted) ============


    ========================= Bamital & volsnap Check ============

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ========================= Memory info ======================

    Percentage of memory in use: 13%
    Total physical RAM: 3519.09 MB
    Available physical RAM: 3045.56 MB
    Total Pagefile: 3515.3 MB
    Available Pagefile: 3052.4 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1965.62 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:465.66 GB) (Free:54.56 GB) NTFS
    3 Drive f: () (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT
    4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 0 B
    Disk 1 Online 961 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 465 GB 101 MB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y System Rese NTFS Partition 100 MB Healthy

    ==================================================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 465 GB Healthy

    ==================================================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 960 MB 16 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 06
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 F FAT Removable 960 MB Healthy

    ==================================================================================

    ==========================================================

    Last Boot: 2011-12-21 07:14

    ======================= End Of Log ==========================
     
    wayne jones,
    #19
  21. 2012/07/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good :)

    In Vista or Windows 7: Boot to System Recovery Options and run FRST.
    In Windows XP: Please boot to UBCD and run FRST.
    Type the following in the edit box after "Search: ".

    services.exe

    Click Search button and post the log (Search.txt) it makes to your reply.
     
    broni,
    #20
Page 1 of 2

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...