PDA

View Full Version : Dns problem (Inactive)



RootEnabled
2009-08-05, 21:27
Hi. I hope anyone could help me, my dns setting keep changing and I cant figure out what the problem is. But i sure look like the comp have been hijacked. I've scan with

Norton



Kaspersky



Malwarebytes



SUPERAntiSpyware



Bitdefender


But come up with nothing.
I would appreciate you assistent. Thank you in advance.


HijackThis log below.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:25:39, on 2009-08-05
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell.se.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe.bak"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2000\Office\OSA9.EXE
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nilpan.se
O17 - HKLM\Software\..\Telephony: DomainName = nilpan.se
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B047C8A-92C4-4374-BA99-42FB7DD86EED}: NameServer = 195.68.103.130 195.58.103.18
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = home
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = home
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: James Mail Server (James next-major) - Unknown owner - D:\server-apps\james-server-3.0\james-server-3.0-SNAPSHOT\bin\Wrapper.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

katana
2009-08-07, 15:50
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
Please Read All Instructions Carefully
If you don't understand something, stop and ask! Don't keep going on.
Please do not run any other tools or scans whilst I am helping you
Failure to reply within 5 days will result in the topic being closed.
Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly http://www.countingcows.de/laechel.gif

Some of the logs I request will be quite large, You may need to split them over a couple of replies.

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe
----------------------------------------------------------------------------------------



Download and Run RSIT

Please download Random's System Information Tool by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:

log.txt will be opened maximized.
info.txt will be opened minimized.

Please post the contents of both log.txt and info.txt.
( They can also be found in the C:\RSIT folder )


Please Download GMER to your desktop

Download GMER (http://www.gmer.net/gmer.zip) and extract it to your desktop.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised by a trained Security Analyst

If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click Yes.

Once the scan is complete, you may receive another notice about rootkit activity.
Click OK.

GMER will produce a log. Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.
If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure the 'Show All' button is unticked. Click the Scan button and let the program do its work. GMER will produce a log.
Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.


DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !


----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large, You may need to split them over a couple of replies.

RSIT Logs
GMER Log

RootEnabled
2009-08-09, 04:37
info.txt logfile of random's system information tool 1.06 2009-08-09 03:29:33

======Uninstall list======

7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1.3 - Svenska-->MsiExec.exe /I{AC76BA86-7AD7-1053-7B44-A91000000001}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x9
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Dell Edoc Viewer-->MsiExec.exe /I{3138EAD3-700B-4A10-B617-B3F8096EE30D}
Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
JGsoft RegexBuddy 3 v.3.2.1-->C:\Windows\UnDeployV.exe "C:\Program Files\JGsoft\RegexBuddy3\Deploy.log"
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
K-Lite Mega Codec Pack 4.9.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - sve-->MsiExec.exe /I{7D7152AF-581B-316F-8CA4-15342C3EFA4B}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2000 SR-1 Standard-->MsiExec.exe /I{0002041D-78E1-11D2-B60F-006097C998E7}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\16.5.0.134\InstStub.exe /X
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x001d -removeonly
Realtek Ethernet Network Card Diagnostic tool for Windows Vista-->C:\Program Files\InstallShield Installation Information\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator DE-->C:\ProgramData\Uninstall\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}\setup.exe /x {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
Roxio Creator DE-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sandboxie 3.38-->"C:\Windows\Installer\SandboxieInstall.exe" /remove
Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - sve\setup.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Windows Live Call-->MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
Windows Live Mail-->MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Photo Gallery-->MsiExec.exe /X{F73A5B18-EB75-4B2C-B32D-9457576E2417}
Windows Live Sync-->MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}
Windows Live Toolbar-->MsiExec.exe /X{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
XML Notepad 2007-->MsiExec.exe /I{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}

======Hosts File======

127.0.0.1 mail.nk.nilpan.se

======Security center information======

AS: Spybot - Search and Destroy
AS: Windows Defender
AS: SUPERAntiSpyware

======System event log======

Computer Name: noname
Event Code: 10010
Message: Servern {0002DF01-0000-0000-C000-000000000046} registrerades inte med DCOM inom erforderlig timeout.
Record Number: 430685
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090808075428.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 10005
Message: DCOM fick felet "1053" vid försök att starta tjänsten WSearch med argumenten "" för att köra servern:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Record Number: 430691
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090808080741.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 7009
Message: En timeout (30000 ms) inträffade vid väntan på att tjänsten Windows Search skulle ansluta.
Record Number: 430692
Source Name: Service Control Manager
Time Written: 20090808080741.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 7000
Message: Tjänsten Windows Search kunde inte startas på grund av följande fel:
Tjänsten svarade inte på start- eller kontrollbegäran i tid.
Record Number: 430693
Source Name: Service Control Manager
Time Written: 20090808080741.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 4227
Message: TCP/IP kunde inte upprätta en utgående anslutning eftersom den valda lokala slutpunkten nyligen användes för att ansluta till samma fjärrslutpunkt. Detta fel uppstår vanligen när utgående anslutningar öppnas och stängs i hög takt, något som leder till att alla tillgängliga lokala portar blir upptagna, vilket tvingar TCP/IP att återanvända en lokal port för en utgående anslutning. För att minska risken för datafel, kräver TCP/IP-standarden att det förflyter en viss tid mellan de många anslutningarna från en viss lokal slutpunkt till en viss given fjärrslutpunkt.
Record Number: 430741
Source Name: Tcpip
Time Written: 20090808235312.605538-000
Event Type: Varning
User:

=====Application event log=====

Computer Name: noname
Event Code: 1002
Message: Programmet iexplore.exe, version 8.0.6001.18813, avslutades eftersom det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Problemrapporter och lösningar. Process-ID: 1010 Starttid: 01ca1847a3bbfd57 Avslutningstid: 0
Record Number: 5293
Source Name: Application Hang
Time Written: 20090808235456.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 1010
Message: Insamlingsproceduren för tjänsten EmdCache i DLL-filen C:\Windows\system32\emdmgmt.dll skapade ett undantagsfel eller returnerade felaktig status. Prestandadata som returnerades av DLL-filen returneras inte till prestandadatablocket. Undantags- eller statuskoden anges av datasektionens första fyra byte (DWORD).
Record Number: 5294
Source Name: Microsoft-Windows-Perflib
Time Written: 20090809012030.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 1000
Message: Felet uppstod i programmet HelpPane.exe, version 6.0.6001.18000, tidsstämpel 0x4791945e, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel 0x4791a7a6, undantagskod 0xc0000022, felförskjutning 0x00009cac, process-ID 0x1688, programmets starttid 0x01ca1890281a1bc7.
Record Number: 5295
Source Name: Application Error
Time Written: 20090809012436.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 1000
Message: Felet uppstod i programmet HelpPane.exe, version 6.0.6001.18000, tidsstämpel 0x4791945e, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel 0x4791a7a6, undantagskod 0xc0000022, felförskjutning 0x00009cac, process-ID 0x2b8c, programmets starttid 0x01ca18903c771f07.
Record Number: 5296
Source Name: Application Error
Time Written: 20090809012510.000000-000
Event Type: Fel
User:

Computer Name: noname
Event Code: 1000
Message: Felet uppstod i programmet HelpPane.exe, version 6.0.6001.18000, tidsstämpel 0x4791945e, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel 0x4791a7a6, undantagskod 0xc0000022, felförskjutning 0x00009cac, process-ID 0x2488, programmets starttid 0x01ca18905210b927.
Record Number: 5298
Source Name: Application Error
Time Written: 20090809012546.000000-000
Event Type: Fel
User:

=====Security event log=====

Computer Name: noname
Event Code: 5038
Message: Code Integrity har fastställt att bildens hash för en fil är ogiltig. Filen kan ha skadats av en icke-auktoriserad ändring eller så kan detta tyda på ett fel på diskenheten.

Filnamn: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 7906
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090809012844.709538-000
Event Type: Misslyckad granskning
User:

Computer Name: noname
Event Code: 5038
Message: Code Integrity har fastställt att bildens hash för en fil är ogiltig. Filen kan ha skadats av en icke-auktoriserad ändring eller så kan detta tyda på ett fel på diskenheten.

Filnamn: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 7907
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090809012844.740738-000
Event Type: Misslyckad granskning
User:

Computer Name: noname
Event Code: 5038
Message: Code Integrity har fastställt att bildens hash för en fil är ogiltig. Filen kan ha skadats av en icke-auktoriserad ändring eller så kan detta tyda på ett fel på diskenheten.

Filnamn: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 7908
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090809012844.787538-000
Event Type: Misslyckad granskning
User:

Computer Name: noname
Event Code: 5038
Message: Code Integrity har fastställt att bildens hash för en fil är ogiltig. Filen kan ha skadats av en icke-auktoriserad ändring eller så kan detta tyda på ett fel på diskenheten.

Filnamn: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 7909
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090809012844.818738-000
Event Type: Misslyckad granskning
User:

Computer Name: noname
Event Code: 5038
Message: Code Integrity har fastställt att bildens hash för en fil är ogiltig. Filen kan ha skadats av en icke-auktoriserad ändring eller så kan detta tyda på ett fel på diskenheten.

Filnamn: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 7910
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090809012844.865538-000
Event Type: Misslyckad granskning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"DFSTRACINGON"=FALSE
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\MySQL\MySQL Server 5.1\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=1706
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"USERNAME"=SYSTEM
"windir"=%SystemRoot%

-----------------EOF-----------------

RootEnabled
2009-08-09, 04:40
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hemdator at 2009-08-09 03:28:29
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 221 GB (76%) free of 290 GB
Total RAM: 3070 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:28:45, on 2009-08-09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
D:\server-apps\ClamAV\clamd.exe
D:\server-apps\mysql-5.1.35-win32\bin\mysqld.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Defender\MSASCui.exe
D:\server-apps\SpamAssassin\spamd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
C:\Users\Hemdator\Desktop\gmer\gmer.exe
C:\Windows\system32\taskeng.exe
C:\Users\Hemdator\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Hemdator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell.se.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2000\Office\OSA9.EXE
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nilpan.se
O17 - HKLM\Software\..\Telephony: DomainName = nilpan.se
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B047C8A-92C4-4374-BA99-42FB7DD86EED}: NameServer = 195.58.103.124 195.58.103.18
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nilpan.se
O17 - HKLM\System\CS1\Services\Tcpip\..\{6B047C8A-92C4-4374-BA99-42FB7DD86EED}: NameServer = 195.58.103.124 195.58.103.18
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = nilpan.se
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8621 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Malwarebytes' Scheduled Update for Hemdator.job
C:\Windows\tasks\Norton Internet Security - Hemdator - Fullständig systemsökning.job
C:\Windows\tasks\RtlNICDiagVistaStart.job
C:\Windows\tasks\User_Feed_Synchronization-{2CB804AB-3767-4BF4-9D92-5DBCEF4DB958}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll [2009-06-30 372592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\IPSBHO.DLL [2009-06-30 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.134\coIEPlg.dll [2009-06-30 372592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-21 148888]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-06-16 7547424]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-08-03 419088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2009-05-28 380416]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-07-28 1830128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office2000\Office\OSA9.EXE

C:\Users\Hemdator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-08-09 03:28:29 ----D---- C:\rsit
2009-08-08 19:09:10 ----A---- C:\mail.txt
2009-08-06 18:14:08 ----D---- C:\Program Files\SUPERAntiSpyware
2009-08-06 18:13:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-08-06 18:08:56 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-08-06 18:08:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-06 02:18:29 ----D---- C:\ssl
2009-08-05 23:04:40 ----D---- C:\Windows\LastGood
2009-08-05 23:04:22 ----D---- C:\Users\Hemdator\AppData\Roaming\InstallShield
2009-08-05 20:43:20 ----D---- C:\Rooter$
2009-08-05 19:55:43 ----D---- C:\Program Files\Trend Micro
2009-08-05 18:51:49 ----D---- C:\Windows\BDOSCAN8
2009-08-05 18:30:02 ----SHD---- C:\Config.Msi
2009-08-05 16:14:55 ----D---- C:\Windows\Sun
2009-08-05 15:15:15 ----A---- C:\Windows\ntbtlog.txt
2009-08-05 15:06:04 ----RD---- C:\SDFix
2009-08-05 14:28:14 ----D---- C:\Program Files\IDT
2009-08-05 13:43:43 ----D---- C:\Users\Hemdator\AppData\Roaming\Malwarebytes
2009-08-05 13:43:35 ----D---- C:\ProgramData\Malwarebytes
2009-08-05 13:43:31 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-05 13:25:29 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-08-05 13:25:16 ----D---- C:\Users\Hemdator\AppData\Roaming\SUPERAntiSpyware.com
2009-07-29 18:08:37 ----D---- C:\gnuwin32
2009-07-29 00:33:12 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 00:33:11 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 00:33:11 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 00:33:11 ----A---- C:\Windows\system32\occache.dll
2009-07-29 00:33:11 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 00:33:11 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 00:33:11 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 00:33:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-29 00:33:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 00:33:10 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\iepeers.dll
2009-07-29 00:33:10 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-28 02:13:30 ----D---- C:\temp
2009-07-25 00:03:04 ----D---- C:\ProgramData\Adobe
2009-07-25 00:03:01 ----D---- C:\Program Files\Common Files\Adobe
2009-07-25 00:03:01 ----D---- C:\Program Files\Adobe
2009-07-25 00:01:36 ----D---- C:\ProgramData\NOS
2009-07-25 00:01:36 ----D---- C:\Program Files\NOS
2009-07-22 13:44:32 ----A---- C:\chp.exe
2009-07-22 13:39:20 ----SH---- C:\desktop.ini
2009-07-22 13:36:41 ----A---- C:\KeepAlive.bat
2009-07-21 16:02:18 ----D---- C:\Users\Hemdator\AppData\Roaming\BitTorrent
2009-07-21 16:02:05 ----D---- C:\Program Files\BitTorrent
2009-07-18 21:17:48 ----RD---- C:\Program Files\Norton Support
2009-07-17 12:28:17 ----D---- C:\Users\Hemdator\AppData\Roaming\Google
2009-07-17 09:53:03 ----D---- C:\Program Files\coverXP
2009-07-15 14:52:54 ----A---- C:\Windows\system32\t2embed.dll
2009-07-15 14:52:53 ----A---- C:\Windows\system32\fontsub.dll
2009-07-15 14:52:53 ----A---- C:\Windows\system32\dciman32.dll
2009-07-15 14:52:53 ----A---- C:\Windows\system32\atmfd.dll
2009-07-14 13:09:23 ----D---- C:\Users\Hemdator\AppData\Roaming\Playrix Entertainment
2009-07-14 13:09:13 ----D---- C:\ProgramData\Google
2009-07-14 13:09:09 ----D---- C:\Program Files\Google
2009-07-14 13:09:02 ----D---- C:\Users\Hemdator\AppData\Roaming\Zylom
2009-07-14 06:45:25 ----D---- C:\Spool
2009-07-13 23:06:51 ----D---- C:\Users\Hemdator\AppData\Roaming\JGsoft
2009-07-13 17:30:14 ----D---- C:\Program Files\JGsoft
2009-07-13 17:30:14 ----A---- C:\Windows\UnDeployV.exe
2009-07-13 16:07:54 ----A---- C:\Windows\ODBC.INI
2009-07-13 16:06:02 ----D---- C:\Users\Hemdator\AppData\Roaming\Microsoft Web Folders
2009-07-13 16:06:02 ----D---- C:\Program Files\Microsoft Office2000
2009-07-11 21:52:24 ----D---- C:\Program Files\Lexmark
2009-07-11 21:51:45 ----D---- C:\Program Files\LexmarkX83
2009-07-11 20:39:40 ----A---- C:\Windows\unvise32.exe

======List of files/folders modified in the last 1 months======

2009-08-09 03:28:31 ----D---- C:\Windows\Temp
2009-08-09 03:26:37 ----D---- C:\Windows
2009-08-09 03:26:37 ----A---- C:\Windows\Sandboxie.ini
2009-08-08 21:01:10 ----D---- C:\Windows\Prefetch
2009-08-08 10:13:09 ----SHD---- C:\Windows\Installer
2009-08-08 10:07:35 ----D---- C:\Windows\System32
2009-08-08 00:00:30 ----SHD---- C:\System Volume Information
2009-08-07 23:44:51 ----D---- C:\Windows\tracing
2009-08-06 22:28:58 ----RD---- C:\Program Files
2009-08-06 18:13:36 ----D---- C:\Program Files\Common Files
2009-08-06 18:08:56 ----HD---- C:\ProgramData
2009-08-05 23:04:42 ----D---- C:\Windows\system32\drivers
2009-08-05 23:04:40 ----D---- C:\Windows\system32\catroot
2009-08-05 23:04:40 ----D---- C:\Windows\inf
2009-08-05 23:04:28 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-05 23:04:28 ----D---- C:\Program Files\Realtek
2009-08-05 21:35:16 ----D---- C:\Program Files\Common Files\microsoft shared
2009-08-05 18:51:51 ----SD---- C:\Windows\Downloaded Program Files
2009-08-05 18:12:18 ----D---- C:\Windows\Tasks
2009-08-05 18:11:52 ----D---- C:\Windows\system32\Tasks
2009-07-31 18:05:28 ----D---- C:\ProgramData\Microsoft Help
2009-07-29 03:05:39 ----D---- C:\Windows\system32\migration
2009-07-29 03:05:39 ----D---- C:\Program Files\Internet Explorer
2009-07-29 03:00:28 ----D---- C:\Windows\winsxs
2009-07-29 00:32:16 ----D---- C:\Windows\system32\catroot2
2009-07-26 13:18:51 ----D---- C:\Users\Hemdator\AppData\Roaming\Adobe
2009-07-22 12:18:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-20 23:37:08 ----D---- C:\Windows\system32\WDI
2009-07-16 17:31:59 ----D---- C:\Windows\twain_32
2009-07-16 08:52:04 ----D---- C:\Program Files\Windows Mail
2009-07-14 13:09:21 ----D---- C:\Users\Hemdator\AppData\Roaming\Identities
2009-07-13 16:08:10 ----SD---- C:\Users\Hemdator\AppData\Roaming\Microsoft
2009-07-13 16:06:54 ----D---- C:\Windows\ShellNew
2009-07-13 16:06:34 ----D---- C:\Windows\Help
2009-07-13 16:06:33 ----D---- C:\Windows\MSAgent
2009-07-13 16:01:33 ----D---- C:\Windows\system
2009-07-11 21:53:28 ----A---- C:\Windows\ACMonitor_X83.ini
2009-07-10 11:03:46 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\Windows\system32\drivers\NIS\1005000.086\BHDrvx86.sys [2009-06-30 258608]
R1 ccHP;Symantec Hash Provider; \??\C:\Windows\system32\drivers\NIS\1005000.086\ccHPx86.sys [2009-06-30 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-07-05 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090730.003\IDSvix86.sys [2009-07-11 293424]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\Windows\system32\drivers\NIS\1005000.086\SRTSPX.SYS [2009-06-30 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-06-30 25136]
R1 SYMTDI;Symantec Network Dispatch Driver; \??\C:\Windows\system32\drivers\NIS\1005000.086\SYMTDI.SYS [2009-06-30 217392]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2008-07-21 27648]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-13 3592704]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-07-05 101936]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-16 2375776]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2009-08-03 19096]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090808.003\NAVENG.SYS [2009-07-13 87888]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090808.003\NAVEX15.SYS [2009-07-13 875728]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-06-10 123904]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-07-28 7408]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2009-05-28 108032]
R3 SRTSP;Symantec Real Time Storage Protection; \??\C:\Windows\system32\drivers\NIS\1005000.086\SRTSP.SYS [2009-06-30 307760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-06-30 124464]
R3 SYMFW;Symantec Network Filter Driver; \??\C:\Windows\system32\drivers\NIS\1005000.086\SYMFW.SYS [2009-06-30 89776]
R3 SYMNDISV;Symantec Network Filter Driver; \??\C:\Windows\system32\drivers\NIS\1005000.086\SYMNDISV.SYS [2009-06-30 39984]
S2 BulkUsb;Genesys Logic USB Scanner Controller NT 5.0; C:\Windows\System32\Drivers\usbscan.sys [2008-01-21 35328]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2009-03-18 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 inyafakj;inyafakj; \??\C:\Users\Hemdator\AppData\Local\Temp\inyafakj.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-13 3592704]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-07-15 312344]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [2009-03-31 81920]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-13 675840]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-08-03 232720]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.134\ccSvcHst.exe [2009-06-30 115560]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2009-05-28 53760]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

-----------------EOF-----------------

katana
2009-08-09, 12:33
Do you have the GMER log ?

RootEnabled
2009-08-09, 13:24
sry for the delay..here y go.





SSDT 86774D60 ZwAlertResumeThread
SSDT 86773568 ZwAlertThread
SSDT 8673C138 ZwAllocateVirtualMemory
SSDT 86700AB0 ZwAlpcConnectPort
SSDT 8667ACA0 ZwAssignProcessToJobObject
SSDT 867A31A0 ZwCreateMutant
SSDT 867A0AC0 ZwCreateSymbolicLinkObject
SSDT 86681D40 ZwCreateThread
SSDT 86734150 ZwDebugActiveProcess
SSDT 866F39D0 ZwDuplicateObject
SSDT 8673D768 ZwFreeVirtualMemory
SSDT 867AC148 ZwImpersonateAnonymousToken
SSDT 867A6140 ZwImpersonateThread
SSDT 86700A38 ZwLoadDriver
SSDT 8673D6C8 ZwMapViewOfSection
SSDT 867AB148 ZwOpenEvent
SSDT 866F4558 ZwOpenProcess
SSDT 866F2E08 ZwOpenProcessToken
SSDT 867C1300 ZwOpenSection
SSDT 86684F60 ZwOpenThread
SSDT 8673EA68 ZwProtectVirtualMemory
SSDT 8664C6D8 ZwResumeThread
SSDT 866293D0 ZwSetContextThread
SSDT 8673D2C0 ZwSetInformationProcess
SSDT 867C2140 ZwSetSystemInformation
SSDT 8685C148 ZwSuspendProcess
SSDT 866FB900 ZwSuspendThread
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys ZwTerminateProcess [0xA05B5DF0]
SSDT 86BC9030 ZwTerminateThread
SSDT 86628618 ZwUnmapViewOfSection
SSDT 8673DCF0 ZwWriteVirtualMemory
SSDT 867A1928 ZwCreateThreadEx

---- Kernel code sections - GMER 1.0.15 ----

.text win32k.sys!EngCombineRgn + 3161 9C0DF8F9 5 Bytes JMP 882F86B0
.text win32k.sys!EngGradientFill + 7E1F 9C131E7F 5 Bytes JMP 882F8610

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!LdrLoadDll 779A7933 5 Bytes JMP 7D243080 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!RtlGetCurrentDirectory_U 779AA5D3 5 Bytes JMP 7D233A90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!RtlSetCurrentDirectory_U 779AA664 5 Bytes JMP 7D233D00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!RtlCreateProcessParametersEx 779B4D11 5 Bytes JMP 7D2442C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!RtlQueryElevationFlags 779B6F68 5 Bytes JMP 7D24C6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!LdrUnloadDll 779BE89C 5 Bytes JMP 7D243100 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtAdjustPrivilegesToken 779D7D08 5 Bytes JMP 7D24C6B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtAlpcConnectPort 779D7D98 5 Bytes JMP 7D23EB90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtAlpcCreatePort 779D7DA8 5 Bytes JMP 7D23D310 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtAlpcQueryInformation 779D7E78 5 Bytes JMP 7D23D490 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtAlpcQueryInformationMessage 779D7E88 5 Bytes JMP 7D23D4C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtClose 779D7F48 5 Bytes JMP 7D233770 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtConnectPort 779D7FA8 5 Bytes JMP 7D23E6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateEvent 779D7FE8 5 Bytes JMP 7D23D500 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateFile 779D8008 5 Bytes JMP 7D233F80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateKey 779D8048 5 Bytes JMP 7D240FC0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateMailslotFile 779D8068 5 Bytes JMP 7D231A40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateMutant 779D8078 5 Bytes JMP 7D23D850 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateNamedPipeFile 779D8088 5 Bytes JMP 7D231BE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreatePort 779D80B8 5 Bytes JMP 7D23D190 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateSection 779D80F8 5 Bytes JMP 7D23DF00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtCreateSemaphore 779D8108 5 Bytes JMP 7D23DBB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtDeleteFile 779D83E8 5 Bytes JMP 7D22F6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtDeleteKey 779D83F8 5 Bytes JMP 7D241A00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtDeleteValueKey 779D8428 5 Bytes JMP 7D2426E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtDuplicateObject 779D8458 5 Bytes JMP 7D24C340 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtEnumerateKey 779D8498 5 Bytes JMP 7D241D80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtEnumerateValueKey 779D84C8 5 Bytes JMP 7D242320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtFsControlFile 779D85A8 5 Bytes JMP 7D233490 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtLoadDriver 779D8698 5 Bytes JMP 7D242EA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtNotifyChangeKey 779D8798 5 Bytes JMP 7D240DB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtNotifyChangeMultipleKeys 779D87A8 5 Bytes JMP 7D240500 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenEvent 779D87C8 5 Bytes JMP 7D23D6A0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenFile 779D87E8 5 Bytes JMP 7D234EA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenKey 779D8818 5 Bytes JMP 7D241980 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenMutant 779D8838 5 Bytes JMP 7D23DA00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenProcess 779D8868 5 Bytes JMP 7D24C280 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenSection 779D8898 5 Bytes JMP 7D23E0E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenSemaphore 779D88A8 5 Bytes JMP 7D23DD50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtOpenThread 779D88D8 5 Bytes JMP 7D24C2E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryAttributesFile 779D8988 5 Bytes JMP 7D22F690 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryDirectoryFile 779D89E8 5 Bytes JMP 7D234B40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryFullAttributesFile 779D8A38 5 Bytes JMP 7D231220 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryInformationFile 779D8A58 5 Bytes JMP 7D232C40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryInformationToken 779D8AA8 5 Bytes JMP 7D24C5F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryKey 779D8AE8 5 Bytes JMP 7D241A20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryMultipleValueKey 779D8AF8 5 Bytes JMP 7D2424B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQuerySecurityObject 779D8B78 5 Bytes JMP 7D24C410 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQuerySystemInformation 779D8BC8 5 Bytes JMP 7D24F340 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryValueKey 779D8C08 5 Bytes JMP 7D242150 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtQueryVolumeInformationFile 779D8C28 5 Bytes JMP 7D233D80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtReadFile 779D8C68 5 Bytes JMP 7D22D600 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtRenameKey 779D8CF8 5 Bytes JMP 7D240250 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtSaveKey 779D8DF8 5 Bytes JMP 7D250190 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtSecureConnectPort 779D8E28 5 Bytes JMP 7D23E920 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtSetInformationFile 779D8F18 5 Bytes JMP 7D2349E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtSetInformationToken 779D8F78 5 Bytes JMP 7D24C670 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtSetSecurityObject 779D8FE8 5 Bytes JMP 7D24C530 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtSetValueKey 779D9088 5 Bytes JMP 7D240C60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!NtWriteFile 779D9278 5 Bytes JMP 7D22D6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!RtlGetFullPathName_U 779EAC1F 5 Bytes JMP 7D22E4C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ntdll.dll!RtlCreateProcessParameters 77A16D0C 5 Bytes JMP 7D244280 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!CreateProcessW 77141C01 5 Bytes JMP 7D245B70 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!CreateProcessA 77141C36 5 Bytes JMP 7D245190 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!CreateActCtxA 7714828B 5 Bytes JMP 7D250350 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!WaitNamedPipeW 7714D2B3 5 Bytes JMP 7D22F930 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!SetConsoleTitleW 7714F12F 5 Bytes JMP 7D235E60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!CreateActCtxW 7715D0B2 5 Bytes JMP 7D250330 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!MoveFileWithProgressW 7716104C 5 Bytes JMP 7D2319D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!GetConsoleScreenBufferInfoEx + EB 771630BE 7 Bytes JMP 05670034
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!GetModuleFileNameW 771858E5 5 Bytes JMP 7D242D90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!WinExec 771D54FF 5 Bytes JMP 7D245200 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!SetConsoleTitleA 771E5FFD 5 Bytes JMP 7D235EB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!SetLocaleInfoA 771EB8FF 5 Bytes JMP 7D24F320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] kernel32.dll!SetLocaleInfoW 771ED125 5 Bytes JMP 7D24F320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegisterServiceCtrlHandlerA 76172E78 5 Bytes JMP 7D247C20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!ReportEventA 7617888D 5 Bytes JMP 7D247F30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegisterServiceCtrlHandlerExW 7617C7B3 5 Bytes JMP 7D247C40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!StartServiceCtrlDispatcherW 7617D8C3 5 Bytes JMP 7D249140 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegisterServiceCtrlHandlerW 7617DDB0 5 Bytes JMP 7D247C20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!SetServiceStatus 7617E0C5 5 Bytes JMP 7D247DE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!StartServiceW 76182A49 5 Bytes JMP 7D24A500 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!ReportEventW 761843DB 5 Bytes JMP 7D247F30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegisterEventSourceW 7618748D 5 Bytes JMP 7D247E90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegisterEventSourceA 76188696 5 Bytes JMP 7D247EB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!DeregisterEventSource 76189AA5 5 Bytes JMP 7D247F10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!OpenSCManagerA 7618A275 5 Bytes JMP 7D247F50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!OpenServiceA 7618A383 5 Bytes JMP 7D24A810 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CreateProcessAsUserW 7618A8F5 5 Bytes JMP 7D245750 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceConfigW 7618C115 5 Bytes JMP 7D249740 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceConfigA 7618C5E5 5 Bytes JMP 7D249850 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!LookupAccountNameW 7618CB6C 5 Bytes JMP 7D2270E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceStatusEx 7618EBF9 5 Bytes JMP 7D249640 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!OpenSCManagerW 7618EECF 5 Bytes JMP 7D247F50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!OpenServiceW 7618FFC3 5 Bytes JMP 7D24A740 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CloseServiceHandle 761900CD 5 Bytes JMP 7D249180 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceStatus 7619038E 5 Bytes JMP 7D2496D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegisterServiceCtrlHandlerExA 761B109C 5 Bytes JMP 7D247C40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!StartServiceA 761B10DB 5 Bytes JMP 7D24A5B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!EnumServicesStatusExW 761B3832 5 Bytes JMP 7D24ACE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CreateServiceW 761B38FF 5 Bytes JMP 7D24AD80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!ControlService 761B3B2D 5 Bytes JMP 7D24A5C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!DeleteService 761B3BEE 5 Bytes JMP 7D24A3D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegConnectRegistryW 761B4C04 5 Bytes JMP 7D2271B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!GetServiceDisplayNameW 761B4D47 5 Bytes JMP 7D249C50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!GetServiceKeyNameW 761B4DFC 5 Bytes JMP 7D249DB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!EnumServicesStatusExA 761B4FB3 5 Bytes JMP 7D24AD30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CreateProcessAsUserA 761D48A6 5 Bytes JMP 7D244E40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredWriteA 761D9EF1 5 Bytes JMP 7D22A640 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredWriteW 761D9FB1 5 Bytes JMP 7D229FF0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredReadA 761DA071 5 Bytes JMP 7D22A700 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredReadW 761DA161 5 Bytes JMP 7D22A080 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredEnumerateA 761DA251 5 Bytes JMP 7D22A760 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredEnumerateW 761DA359 5 Bytes JMP 7D22A3E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredWriteDomainCredentialsA 761DA461 5 Bytes JMP 7D22A670 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredWriteDomainCredentialsW 761DA549 5 Bytes JMP 7D22A160 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredReadDomainCredentialsA 761DA631 5 Bytes JMP 7D22A730 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredReadDomainCredentialsW 761DA739 5 Bytes JMP 7D22A250 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredDeleteA 761DA841 5 Bytes JMP 7D22A6D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredDeleteW 761DA8F9 5 Bytes JMP 7D22A390 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CredRenameA 761DA9B1 5 Bytes JMP 7D22A610 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!RegConnectRegistryA 761F29C1 5 Bytes JMP 7D227170 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!EnumServicesStatusA 761F6517 5 Bytes JMP 7D24ACA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceObjectSecurity 761F65F1 5 Bytes JMP 7D2489B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!SetServiceObjectSecurity 761F66A9 5 Bytes JMP 7D248AE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!ChangeServiceConfigA 761F67A9 5 Bytes JMP 7D24A1C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!ChangeServiceConfigW 761F6951 5 Bytes JMP 7D249FD0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!ChangeServiceConfig2A 761F6A69 5 Bytes JMP 7D24A380 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!ChangeServiceConfig2W 761F6BB1 5 Bytes JMP 7D24A380 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!CreateServiceA 761F6C71 5 Bytes JMP 7D24B070 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!EnumDependentServicesA 761F6ED5 5 Bytes JMP 7D247B00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!EnumDependentServicesW 761F6FA9 5 Bytes JMP 7D247B00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!GetServiceDisplayNameA 761F7081 5 Bytes JMP 7D249CF0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!GetServiceKeyNameA 761F7129 5 Bytes JMP 7D249EB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!LockServiceDatabase 761F71D1 5 Bytes JMP 7D247B30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceConfig2A 761F7261 5 Bytes JMP 7D249AE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceConfig2W 761F73E9 5 Bytes JMP 7D249A10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceLockStatusA 761F7571 5 Bytes JMP 7D247AB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!QueryServiceLockStatusW 761F7619 5 Bytes JMP 7D247AB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!UnlockServiceDatabase 761F76C1 5 Bytes JMP 7D247B60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!EnumServicesStatusW 761F7931 5 Bytes JMP 7D24AC60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ADVAPI32.dll!StartServiceCtrlDispatcherA 761F7C16 5 Bytes JMP 7D249160 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!RegisterDeviceNotificationA 76596076 5 Bytes JMP 7D235F80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!UnregisterDeviceNotification 76596107 5 Bytes JMP 7D247F10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!RegisterClassExA 7659618B 5 Bytes JMP 7D238380 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetClassNameA 765965A4 5 Bytes JMP 7D238990 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!EnumDesktopWindows 7659799A 5 Bytes JMP 7D238F00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SetWindowsHookExW 76597B69 5 Bytes JMP 6FC49521 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SystemParametersInfoA 76597C90 5 Bytes JMP 7D235FA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CallNextHookEx 76598C33 5 Bytes JMP 6FC3CB69 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SendNotifyMessageW 76598D0D 5 Bytes JMP 7D239F60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!FindWindowA 76599DB7 5 Bytes JMP 7D2390B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetWindowTextW 7659ACC3 5 Bytes JMP 7D235B50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!UnregisterClassA 7659B614 5 Bytes JMP 7D238650 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DefDlgProcW 7659BA59 5 Bytes JMP 7D235A70 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DialogBoxIndirectParamAorW 7659BCE6 5 Bytes JMP 7D23B100 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DialogBoxIndirectParamW 7659BD25 5 Bytes JMP 6FD43C10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!EnumChildWindows 7659CAF8 5 Bytes JMP 7D238EA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!RegisterClassExW 7659EC69 5 Bytes JMP 7D2382B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!RegisterClassW 7659EE3E 5 Bytes JMP 7D238450 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetClassInfoW 7659EE84 5 Bytes JMP 7D2387B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DefWindowProcA 7659F9E1 5 Bytes JMP 7D235A10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CreateWindowExA 7659FD5E 5 Bytes JMP 7D236320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!RegisterClassA 7659FD9A 5 Bytes JMP 7D238520 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SendMessageA 765A0459 5 Bytes JMP 7D239D30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetClassNameW 765A0513 5 Bytes JMP 7D2388B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SetWindowLongA 765A0736 5 Bytes JMP 7D2399B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!EnumThreadWindows 765A09B7 5 Bytes JMP 7D238ED0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetClassInfoExA 765A0CC1 5 Bytes JMP 7D238730 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetClassInfoA 765A0E54 5 Bytes JMP 7D238830 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetWindowTextA 765A0F7B 5 Bytes JMP 7D235C50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!FindWindowExA 765A1001 5 Bytes JMP 7D239230 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!PostMessageA 765A11CE 5 Bytes JMP 7D239FC0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!UnregisterClassW 765A1240 5 Bytes JMP 7D2385F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SendMessageTimeoutW 765A1571 5 Bytes JMP 7D239E50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!EnumWindows 765A1835 5 Bytes JMP 7D238E50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!RemovePropW 765A1949 5 Bytes JMP 7D239770 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SetWindowLongW 765A1F35 5 Bytes JMP 7D239910 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SetPropW 765A246E 5 Bytes JMP 7D2396D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CreateWindowExW 765A3D67 5 Bytes JMP 6FC4D3AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetShellWindow 765A49A4 5 Bytes JMP 7D239310 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DispatchMessageA 765A5A1D 5 Bytes JMP 7D239C20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetClassInfoExW 765A7765 5 Bytes JMP 7D2386B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SetWindowTextW 765A925B 5 Bytes JMP 7D235D60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetWindowLongA 765A93DA 5 Bytes JMP 7D239880 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!FindWindowW 765A9949 5 Bytes JMP 7D239010 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SystemParametersInfoW 765A9DBC 5 Bytes JMP 7D235FE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!PostMessageW 765AA064 5 Bytes JMP 7D23A040 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetWindowLongW 765AF67F 5 Bytes JMP 7D2397F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DispatchMessageW 765B0051 5 Bytes JMP 7D239C70 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DefWindowProcW 765B04BD 5 Bytes JMP 7D2359B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetPropW 765B075A 5 Bytes JMP 7D239650 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SendMessageW 765B0AB1 5 Bytes JMP 7D239D90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CreateDialogParamA 765B16FD 5 Bytes JMP 7D23B280 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DialogBoxParamW 765B1FD5 5 Bytes JMP 6FB751FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DefDlgProcA 765B2735 5 Bytes JMP 7D235AE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CreateDialogIndirectParamA 765B27CD 5 Bytes JMP 7D23B190 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CreateDialogIndirectParamW 765B9AFA 5 Bytes JMP 7D23B160 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SetWindowTextA 765BA7D9 5 Bytes JMP 7D235DE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SetPropA 765BB3AC 5 Bytes JMP 7D239720 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!RemovePropA 765BB404 5 Bytes JMP 7D2397B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!GetPropA 765BB99B 5 Bytes JMP 7D239690 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode

RootEnabled
2009-08-09, 13:29
USER32.dll!SetWindowsHookExA 765BBB0E 5 Bytes JMP 7D23A680 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SendNotifyMessageA 765BE543 5 Bytes JMP 7D239F00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!UnhookWindowsHookEx 765C08BE 5 Bytes JMP 6FBB43F6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!SendMessageTimeoutA 765C0B27 5 Bytes JMP 7D239DF0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CreateDialogIndirectParamAorW 765C1C04 5 Bytes JMP 7D23B0A0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!CreateDialogParamW 765C1C58 5 Bytes JMP 7D23B220 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!FindWindowExW 765C2DCA 5 Bytes JMP 7D239180 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DialogBoxParamA 765D80B2 5 Bytes JMP 6FD43BAD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!DialogBoxIndirectParamA 765D83DD 5 Bytes JMP 6FD43C73 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!EndTask 765DACCF 5 Bytes JMP 7D235F40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!ExitWindowsEx 765DB763 5 Bytes JMP 7D235F00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!MessageBoxIndirectA 765ED471 5 Bytes JMP 6FD43B42 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!MessageBoxIndirectW 765ED56B 5 Bytes JMP 6FD43AD7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!MessageBoxExA 765ED5D1 5 Bytes JMP 6FD43A75 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] USER32.dll!MessageBoxExW 765ED5F5 5 Bytes JMP 6FD43A13 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] GDI32.dll!GdiAddFontResourceW 778AE35B 5 Bytes JMP 7D235350 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] GDI32.dll!CreateScalableFontResourceW 778CC4BB 5 Bytes JMP 7D2353A0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] SHELL32.dll!ShellExecuteExW 7669FFBD 5 Bytes JMP 7D24EE20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] SHELL32.dll!SHSetInstanceExplorer 767B7741 5 Bytes JMP 7D24F170 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] SHELL32.dll!ShellExecuteEx 76848A6A 5 Bytes JMP 7D24EF60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!RegisterDragDrop 762559BF 5 Bytes JMP 7D251130 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!OleLoadFromStream 76259726 5 Bytes JMP 6FD43F78 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!CoUnmarshalInterface 7625B7D0 5 Bytes JMP 7D229400 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!CoGetClassObject 76276120 5 Bytes JMP 0567013A
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!CoInitializeEx 7628B89A 5 Bytes JMP 7D251050 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!CoCreateInstance 7628E188 5 Bytes JMP 6FC4D408 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!CoCreateInstanceEx 7628E1CB 5 Bytes JMP 056700B8
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] ole32.dll!RevokeDragDrop 762B81D5 5 Bytes JMP 7D2511B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] Secur32.dll!LsaRegisterLogonProcess 75EC7285 5 Bytes JMP 7D243340 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] WS2_32.dll!WSANSPIoctl 77AB9E1F 5 Bytes JMP 7D243C10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] CRYPT32.dll!CryptUnprotectData 7596546D 5 Bytes JMP 7D22AAB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[2584] CRYPT32.dll!CryptProtectData 759656B2 5 Bytes JMP 7D22ACA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!LdrLoadDll 779A7933 5 Bytes JMP 7D243080 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!RtlGetCurrentDirectory_U 779AA5D3 5 Bytes JMP 7D233A90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!RtlSetCurrentDirectory_U 779AA664 5 Bytes JMP 7D233D00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!RtlCreateProcessParametersEx 779B4D11 5 Bytes JMP 7D2442C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!RtlQueryElevationFlags 779B6F68 5 Bytes JMP 7D24C6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!LdrUnloadDll 779BE89C 5 Bytes JMP 7D243100 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtAdjustPrivilegesToken 779D7D08 5 Bytes JMP 7D24C6B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtAlpcConnectPort 779D7D98 5 Bytes JMP 7D23EB90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtAlpcCreatePort 779D7DA8 5 Bytes JMP 7D23D310 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtAlpcQueryInformation 779D7E78 5 Bytes JMP 7D23D490 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtAlpcQueryInformationMessage 779D7E88 5 Bytes JMP 7D23D4C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtClose 779D7F48 5 Bytes JMP 7D233770 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtConnectPort 779D7FA8 5 Bytes JMP 7D23E6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateEvent 779D7FE8 5 Bytes JMP 7D23D500 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateFile 779D8008 5 Bytes JMP 7D233F80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateKey 779D8048 5 Bytes JMP 7D240FC0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateMailslotFile 779D8068 5 Bytes JMP 7D231A40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateMutant 779D8078 5 Bytes JMP 7D23D850 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateNamedPipeFile 779D8088 5 Bytes JMP 7D231BE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreatePort 779D80B8 5 Bytes JMP 7D23D190 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateSection 779D80F8 5 Bytes JMP 7D23DF00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtCreateSemaphore 779D8108 5 Bytes JMP 7D23DBB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtDeleteFile 779D83E8 5 Bytes JMP 7D22F6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtDeleteKey 779D83F8 5 Bytes JMP 7D241A00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtDeleteValueKey 779D8428 5 Bytes JMP 7D2426E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtDuplicateObject 779D8458 5 Bytes JMP 7D24C340 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtEnumerateKey 779D8498 5 Bytes JMP 7D241D80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtEnumerateValueKey 779D84C8 5 Bytes JMP 7D242320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtFsControlFile 779D85A8 5 Bytes JMP 7D233490 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtLoadDriver 779D8698 5 Bytes JMP 7D242EA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtNotifyChangeKey 779D8798 5 Bytes JMP 7D240DB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtNotifyChangeMultipleKeys 779D87A8 5 Bytes JMP 7D240500 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenEvent 779D87C8 5 Bytes JMP 7D23D6A0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenFile 779D87E8 5 Bytes JMP 7D234EA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenKey 779D8818 5 Bytes JMP 7D241980 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenMutant 779D8838 5 Bytes JMP 7D23DA00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenProcess 779D8868 5 Bytes JMP 7D24C280 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenSection 779D8898 5 Bytes JMP 7D23E0E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenSemaphore 779D88A8 5 Bytes JMP 7D23DD50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtOpenThread 779D88D8 5 Bytes JMP 7D24C2E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryAttributesFile 779D8988 5 Bytes JMP 7D22F690 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryDirectoryFile 779D89E8 5 Bytes JMP 7D234B40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryFullAttributesFile 779D8A38 5 Bytes JMP 7D231220 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryInformationFile 779D8A58 5 Bytes JMP 7D232C40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryInformationToken 779D8AA8 5 Bytes JMP 7D24C5F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryKey 779D8AE8 5 Bytes JMP 7D241A20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryMultipleValueKey 779D8AF8 5 Bytes JMP 7D2424B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQuerySecurityObject 779D8B78 5 Bytes JMP 7D24C410 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQuerySystemInformation 779D8BC8 5 Bytes JMP 7D24F340 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryValueKey 779D8C08 5 Bytes JMP 7D242150 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtQueryVolumeInformationFile 779D8C28 5 Bytes JMP 7D233D80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtReadFile 779D8C68 5 Bytes JMP 7D22D600 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtRenameKey 779D8CF8 5 Bytes JMP 7D240250 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtSaveKey 779D8DF8 5 Bytes JMP 7D250190 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtSecureConnectPort 779D8E28 5 Bytes JMP 7D23E920 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtSetInformationFile 779D8F18 5 Bytes JMP 7D2349E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtSetInformationToken 779D8F78 5 Bytes JMP 7D24C670 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtSetSecurityObject 779D8FE8 5 Bytes JMP 7D24C530 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtSetValueKey 779D9088 5 Bytes JMP 7D240C60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!NtWriteFile 779D9278 5 Bytes JMP 7D22D6F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!RtlGetFullPathName_U 779EAC1F 5 Bytes JMP 7D22E4C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ntdll.dll!RtlCreateProcessParameters 77A16D0C 5 Bytes JMP 7D244280 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!CreateProcessW 77141C01 5 Bytes JMP 7D245B70 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!CreateProcessA 77141C36 5 Bytes JMP 7D245190 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!CreateActCtxA 7714828B 5 Bytes JMP 7D250350 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!WaitNamedPipeW 7714D2B3 5 Bytes JMP 7D22F930 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!SetConsoleTitleW 7714F12F 5 Bytes JMP 7D235E60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!CreateActCtxW 7715D0B2 5 Bytes JMP 7D250330 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!MoveFileWithProgressW 7716104C 5 Bytes JMP 7D2319D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!GetModuleFileNameW 771858E5 5 Bytes JMP 7D242D90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!WinExec 771D54FF 5 Bytes JMP 7D245200 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!SetConsoleTitleA 771E5FFD 5 Bytes JMP 7D235EB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!SetLocaleInfoA 771EB8FF 5 Bytes JMP 7D24F320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] kernel32.dll!SetLocaleInfoW 771ED125 5 Bytes JMP 7D24F320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegisterServiceCtrlHandlerA 76172E78 5 Bytes JMP 7D247C20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!ReportEventA 7617888D 5 Bytes JMP 7D247F30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegisterServiceCtrlHandlerExW 7617C7B3 5 Bytes JMP 7D247C40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!StartServiceCtrlDispatcherW 7617D8C3 5 Bytes JMP 7D249140 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegisterServiceCtrlHandlerW 7617DDB0 5 Bytes JMP 7D247C20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!SetServiceStatus 7617E0C5 5 Bytes JMP 7D247DE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!StartServiceW 76182A49 5 Bytes JMP 7D24A500 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!ReportEventW 761843DB 5 Bytes JMP 7D247F30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegisterEventSourceW 7618748D 5 Bytes JMP 7D247E90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegisterEventSourceA 76188696 5 Bytes JMP 7D247EB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!DeregisterEventSource 76189AA5 5 Bytes JMP 7D247F10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!OpenSCManagerA 7618A275 5 Bytes JMP 7D247F50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!OpenServiceA 7618A383 5 Bytes JMP 7D24A810 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CreateProcessAsUserW 7618A8F5 5 Bytes JMP 7D245750 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceConfigW 7618C115 5 Bytes JMP 7D249740 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceConfigA 7618C5E5 5 Bytes JMP 7D249850 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!LookupAccountNameW 7618CB6C 5 Bytes JMP 7D2270E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceStatusEx 7618EBF9 5 Bytes JMP 7D249640 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!OpenSCManagerW 7618EECF 5 Bytes JMP 7D247F50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!OpenServiceW 7618FFC3 5 Bytes JMP 7D24A740 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CloseServiceHandle 761900CD 5 Bytes JMP 7D249180 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceStatus 7619038E 5 Bytes JMP 7D2496D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegisterServiceCtrlHandlerExA 761B109C 5 Bytes JMP 7D247C40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!StartServiceA 761B10DB 5 Bytes JMP 7D24A5B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!EnumServicesStatusExW 761B3832 5 Bytes JMP 7D24ACE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CreateServiceW 761B38FF 5 Bytes JMP 7D24AD80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!ControlService 761B3B2D 5 Bytes JMP 7D24A5C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!DeleteService 761B3BEE 5 Bytes JMP 7D24A3D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegConnectRegistryW 761B4C04 5 Bytes JMP 7D2271B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!GetServiceDisplayNameW 761B4D47 5 Bytes JMP 7D249C50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!GetServiceKeyNameW 761B4DFC 5 Bytes JMP 7D249DB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!EnumServicesStatusExA 761B4FB3 5 Bytes JMP 7D24AD30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CreateProcessAsUserA 761D48A6 5 Bytes JMP 7D244E40 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredWriteA 761D9EF1 5 Bytes JMP 7D22A640 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredWriteW 761D9FB1 5 Bytes JMP 7D229FF0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredReadA 761DA071 5 Bytes JMP 7D22A700 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredReadW 761DA161 5 Bytes JMP 7D22A080 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredEnumerateA 761DA251 5 Bytes JMP 7D22A760 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredEnumerateW 761DA359 5 Bytes JMP 7D22A3E0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredWriteDomainCredentialsA 761DA461 5 Bytes JMP 7D22A670 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredWriteDomainCredentialsW 761DA549 5 Bytes JMP 7D22A160 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredReadDomainCredentialsA 761DA631 5 Bytes JMP 7D22A730 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredReadDomainCredentialsW 761DA739 5 Bytes JMP 7D22A250 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredDeleteA 761DA841 5 Bytes JMP 7D22A6D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredDeleteW 761DA8F9 5 Bytes JMP 7D22A390 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CredRenameA 761DA9B1 5 Bytes JMP 7D22A610 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!RegConnectRegistryA 761F29C1 5 Bytes JMP 7D227170 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!EnumServicesStatusA 761F6517 5 Bytes JMP 7D24ACA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceObjectSecurity 761F65F1 5 Bytes JMP 7D2489B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!SetServiceObjectSecurity 761F66A9 5 Bytes JMP 7D248AE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!ChangeServiceConfigA 761F67A9 5 Bytes JMP 7D24A1C0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!ChangeServiceConfigW 761F6951 5 Bytes JMP 7D249FD0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!ChangeServiceConfig2A 761F6A69 5 Bytes JMP 7D24A380 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!ChangeServiceConfig2W 761F6BB1 5 Bytes JMP 7D24A380 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!CreateServiceA 761F6C71 5 Bytes JMP 7D24B070 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!EnumDependentServicesA 761F6ED5 5 Bytes JMP 7D247B00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!EnumDependentServicesW 761F6FA9 5 Bytes JMP 7D247B00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!GetServiceDisplayNameA 761F7081 5 Bytes JMP 7D249CF0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!GetServiceKeyNameA 761F7129 5 Bytes JMP 7D249EB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!LockServiceDatabase 761F71D1 5 Bytes JMP 7D247B30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceConfig2A 761F7261 5 Bytes JMP 7D249AE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceConfig2W 761F73E9 5 Bytes JMP 7D249A10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceLockStatusA 761F7571 5 Bytes JMP 7D247AB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!QueryServiceLockStatusW 761F7619 5 Bytes JMP 7D247AB0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!UnlockServiceDatabase 761F76C1 5 Bytes JMP 7D247B60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!EnumServicesStatusW 761F7931 5 Bytes JMP 7D24AC60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] ADVAPI32.dll!StartServiceCtrlDispatcherA 761F7C16 5 Bytes JMP 7D249160 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!RegisterDeviceNotificationA 76596076 5 Bytes JMP 7D235F80 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!UnregisterDeviceNotification 76596107 5 Bytes JMP 7D247F10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!RegisterClassExA 7659618B 5 Bytes JMP 7D238380 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetClassNameA 765965A4 5 Bytes JMP 7D238990 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!EnumDesktopWindows 7659799A 5 Bytes JMP 7D238F00 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SetWindowsHookExW 76597B69 5 Bytes JMP 7D23A6D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SystemParametersInfoA 76597C90 5 Bytes JMP 7D235FA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SendNotifyMessageW 76598D0D 5 Bytes JMP 7D239F60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!FindWindowA 76599DB7 5 Bytes JMP 7D2390B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetWindowTextW 7659ACC3 5 Bytes JMP 7D235B50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!UnregisterClassA 7659B614 5 Bytes JMP 7D238650 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DefDlgProcW 7659BA59 5 Bytes JMP 7D235A70 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DialogBoxIndirectParamAorW 7659BCE6 5 Bytes JMP 7D23B100 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DialogBoxIndirectParamW 7659BD25 5 Bytes JMP 6FD43C10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!EnumChildWindows 7659CAF8 5 Bytes JMP 7D238EA0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!RegisterClassExW 7659EC69 5 Bytes JMP 7D2382B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!RegisterClassW 7659EE3E 5 Bytes JMP 7D238450 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetClassInfoW 7659EE84 5 Bytes JMP 7D2387B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DefWindowProcA 7659F9E1 5 Bytes JMP 7D235A10 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!CreateWindowExA 7659FD5E 5 Bytes JMP 7D236320 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!RegisterClassA 7659FD9A 5 Bytes JMP 7D238520 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SendMessageA 765A0459 5 Bytes JMP 7D239D30 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetClassNameW 765A0513 5 Bytes JMP 7D2388B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SetWindowLongA 765A0736 5 Bytes JMP 7D2399B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!EnumThreadWindows 765A09B7 5 Bytes JMP 7D238ED0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetClassInfoExA 765A0CC1 5 Bytes JMP 7D238730 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetClassInfoA 765A0E54 5 Bytes JMP 7D238830 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetWindowTextA 765A0F7B 5 Bytes JMP 7D235C50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!FindWindowExA 765A1001 5 Bytes JMP 7D239230 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!PostMessageA 765A11CE 5 Bytes JMP 7D239FC0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!UnregisterClassW 765A1240 5 Bytes JMP 7D2385F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SendMessageTimeoutW 765A1571 5 Bytes JMP 7D239E50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!EnumWindows 765A1835 5 Bytes JMP 7D238E50 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!RemovePropW 765A1949 5 Bytes JMP 7D239770 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SetWindowLongW 765A1F35 5 Bytes JMP 7D239910 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SetPropW 765A246E 5 Bytes JMP 7D2396D0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!CreateWindowExW 765A3D67 5 Bytes JMP 6FC4D3AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetShellWindow 765A49A4 5 Bytes JMP 7D239310 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DispatchMessageA 765A5A1D 5 Bytes JMP 7D239C20 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetClassInfoExW 765A7765 5 Bytes JMP 7D2386B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SetWindowTextW 765A925B 5 Bytes JMP 7D235D60 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetWindowLongA 765A93DA 5 Bytes JMP 7D239880 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!FindWindowW 765A9949 5 Bytes JMP 7D239010 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SystemParametersInfoW 765A9DBC 5 Bytes JMP 7D235FE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!PostMessageW 765AA064 5 Bytes JMP 7D23A040 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetWindowLongW 765AF67F 5 Bytes JMP 7D2397F0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DispatchMessageW 765B0051 5 Bytes JMP 7D239C70 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DefWindowProcW 765B04BD 5 Bytes JMP 7D2359B0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!GetPropW 765B075A 5 Bytes JMP 7D239650 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!SendMessageW 765B0AB1 5 Bytes JMP 7D239D90 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!CreateDialogParamA 765B16FD 5 Bytes JMP 7D23B280 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
.text C:\Program Files\Internet Explorer\iexplore.exe[3596] USER32.dll!DialogBoxParamW 765B1FD5 5 Bytes JMP 6FB751FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft

RootEnabled
2009-08-09, 13:30
USER32.dll!DefDlgProcA 765B2735 5 Bytes JMP 7D235AE0 C:\Program Files\Sandboxie\SbieDll.dll (Sandboxie User Mode DLL/tzuk)
~
Sandboxie User

RootEnabled
2009-08-09, 14:20
I screw that up miserly. produced a fare to large log for being able to post in here, and me for handle. I compressed it and attach it as zip. I hope that works for you. Please Ignore those previest post i did, appreciate all help I'll get.

katana
2009-08-09, 16:26
There is no obvious sign of infection, please can you describe your problem in a bit more detail.



Malwarebytes' Anti-Malware
I notice that you have MBAM installed, please do the following

Start MalwareBytes AntiMalware

Update Malwarebytes' Anti-Malware
Select the Update tab
Click Update

When the update is complete, select the Scanner tab
Select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply
If you accidently close it, the log file is saved here and will be named like this:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


Kaspersky Online Scanner .
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- This scan is best done from IE (Internet Explorer)
NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on !
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


**Note**

To optimize scanning time and produce a more sensible report for review: Close any open programs.
Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

RootEnabled
2009-08-09, 17:54
Hi katana, I pretty secure adware and ushelly have a good feeling when even the tiniest thing changes. This doesnt make me a network expert in anyway, I tell you I'm not. Unforgntly I dont have much to bescrive my problem. I've cleaned out and disabled some toolbars and BHO object and generlly grabage to see if that may to locate the problem. "disable/enable | install/unstall newtork card. Reset winsock and alot dribbling with my network setting DHCP enable/disable tcip over netbios etc. When we here you may tell me what "Symatec Network security Intermediate Filter driver" is. If happens you dont now. Google it, I promise you a nice trip cuz we're not alone AMEN on that. I told my isp technical support my DNS keep changing. "laughed, and said: ohh really" keep changing to a french address. isn't that ironic, it just might me a french hot women on the other side.
Conclusion. -Not much really, you really didnt need to bother read all this in the first place
I've will do what you told me, some of this scanners will take some time. I'll be back. peace and out



Every time I connect: 195.68.103.130
reverse: access103-130.lan-ls.imaginet.fr
report:

inetnum: 195.68.0.0 - 195.68.127.255
netname: UK-COLT-960610
descr: COLT Telecom Group Limited
country: GB # FR
org: ORG-CI9-RIPE
admin-c: CHM4-RIPE
tech-c: CHM4-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: COLT-FR-MNT
mnt-routes: COLT-FR-MNT
source: RIPE # Filtered

organisation: ORG-CI9-RIPE
org-name: COLT Telecom Group Limited
org-type: LIR
address: COLT Telecom Group Limited
Emma Fitzgerald
Beaufort House, 15 St Botolph Street
EC3A 7QN London
UNITED KINGDOM
phone: +44 2073903900
fax-no: +44 2078635610
admin-c: AG7626-RIPE
admin-c: CHM4-RIPE
admin-c: EF139-RIPE
admin-c: FD431-RIPE
admin-c: NG1400-RIPE
admin-c: VT1270-RIPE
mnt-ref: COLT-UK
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered

role: COLT Hostmaster
address: COLT Telecommunications
address: Beaufort House
address: 15 St Botolph Street
address: London
address: EC3A 7QN
phone: +44 20 7390 3900
fax-no: +44 20 7863 5610
remarks: trouble: In the first instance email
remarks: trouble: or call +44 (0)800 3583667
remarks: trouble: Abuse queries to
admin-c: FB6824-RIPE
admin-c: EF139-RIPE
admin-c: RW1339-RIPE
tech-c: EF139-RIPE
tech-c: RW1339-RIPE
nic-hdl: CHM4-RIPE
mnt-by: COLT-UK
source: RIPE # Filtered
abuse-mailbox:

route: 195.68.0.0/17
descr: ImagiNET France
origin: AS8220
mnt-by: COLT-FR-MNT
source: RIPE # Filtered

RootEnabled
2009-08-09, 17:56
Hi katana, I pretty secure adware and ushelly have a good feeling when even the tiniest thing changes. This doesnt make me a network expert in anyway, I tell you I'm not. Unforgntly I dont have much to bescrive my problem. I've cleaned out and disabled some toolbars and BHO object and generlly grabage to see if that may to locate the problem. "disable/enable | install/unstall newtork card. Reset winsock and alot dribbling with my network setting DHCP enable/disable tcip over netbios etc. When we here you may tell me what "Symatec Network security Intermediate Filter driver" is. If happens you dont now. Google it, I promise you a nice trip cuz we're not alone AMEN on that. I told my isp technical support my DNS keep changing. "laughed, and said: ohh really" keep changing to a french address. isn't that ironic, it just might me a french hot women on the other side.
Conclusion. -Not much really, you really didnt need to bother read all this in the first place
I've will do what you told me, some of this scanners will take some time. I'll be back. peace and out



Every time I connect: 195.68.103.130
reverse: access103-130.lan-ls.imaginet.fr
report:

inetnum: 195.68.0.0 - 195.68.127.255
netname: UK-COLT-960610
descr: COLT Telecom Group Limited
country: GB # FR
org: ORG-CI9-RIPE
admin-c: CHM4-RIPE
tech-c: CHM4-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: COLT-FR-MNT
mnt-routes: COLT-FR-MNT
source: RIPE # Filtered

organisation: ORG-CI9-RIPE
org-name: COLT Telecom Group Limited
org-type: LIR
address: COLT Telecom Group Limited
Emma Fitzgerald
Beaufort House, 15 St Botolph Street
EC3A 7QN London
UNITED KINGDOM
phone: +44 2073903900
fax-no: +44 2078635610
admin-c: AG7626-RIPE
admin-c: CHM4-RIPE
admin-c: EF139-RIPE
admin-c: FD431-RIPE
admin-c: NG1400-RIPE
admin-c: VT1270-RIPE
mnt-ref: COLT-UK
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered

role: COLT Hostmaster
address: COLT Telecommunications
address: Beaufort House
address: 15 St Botolph Street
address: London
address: EC3A 7QN
phone: +44 20 7390 3900
fax-no: +44 20 7863 5610
remarks: trouble: In the first instance email
remarks: trouble: or call +44 (0)800 3583667
remarks: trouble: Abuse queries to
admin-c: FB6824-RIPE
admin-c: EF139-RIPE
admin-c: RW1339-RIPE
tech-c: EF139-RIPE
tech-c: RW1339-RIPE
nic-hdl: CHM4-RIPE
mnt-by: COLT-UK
source: RIPE # Filtered
abuse-mailbox:

route: 195.68.0.0/17
descr: ImagiNET France
origin: AS8220
mnt-by: COLT-FR-MNT
source: RIPE # Filtered

katana
2009-08-13, 03:59
Due to inactivity, this thread will now be closed.

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.