Possible sick PC; Trojan Horse Generic16.ALUX



ILLZNIK31
2010-02-09, 20:11
Hello guys. My girlfriend told me her computer has been running poorly so I decided to take a look. I previously downloaded AVG for her and had it set to update automatically and run daily scans. On Jan 24th, it found and healed two infections: Trojan Horse Generic16.ALUX. I just updated and scanned, turning up zero results. I updated MBAM and scanned, returning zero results. I went through and deleted a bunch of useless programs, bloatware, etc., and updated Java and Adobe. I also cleaned out the cookies and cache. It seems to be running pretty slowly. There are several other issues:

- IE crashes periodically. I tried reinstalling IE 8 but it won't let me finish the install, saying there is already a newer version installed.

- The fan runs non-stop. I'm assuming there are too many processes running but I don't know for sure.

- After I got done uninstalling all the useless stuff, minimized windows go to the right of the tray, near the clock, instead of the left like normal.

Thank you for any help. I'm hoping the machine is at least virus/malware free so I can try to fix the rest of the issues.

ERUNT was run and the registry is backed up. HJT was also run, but the log will not save to notepad. I'm not sure why, first time I've encountered a problem with that. Perhaps this computer is sicker than I originally thought.

Thanks for any help guys, much appreciated.

ILLZNIK31
2010-02-13, 19:40
OK, I got it to save the log file.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 1:39:23 PM, on 2/13/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
O4 - Global Startup: Vongo Tray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AddFiltr - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Vongo Service - Unknown owner - C:\Program Files\Vongo\VongoService.exe (file missing)

--
End of file - 6621 bytes

Blade81
2010-02-13, 23:44
Hi,

Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).

- Disable any script blocker, and then double-click dds.scr to run the tool.
- When done, DDS will open two (2) logs: DDS.txt and Attach.txt.
- Save both reports to your desktop. Post them back to your topic.

Download GMER (http://www.gmer.net) by clicking the "download exe" button and then saving it to your desktop:

- Double-click the .exe that you downloaded.
- Click the rootkit tab and then Scan.
- Don't check the "Show All" box while scanning is in progress!
- When scanning is ready, click Copy. This copies the log to the clipboard.
- Post the log (if the log is long, archive it into a zip file and attach it instead of posting) in your reply.

ILLZNIK31
2010-02-14, 02:56
Thanks for the response. As I opened GMER I got the "blue screen of death" and the computer crashed. It restarted normally and I was able to complete the scans you requested:

DDS (Ver_09-12-01.01) - NTFSx86
Run by Stephanie at 20:08:21.46 on Sat 02/13/2010
Internet Explorer: 8.0.6001.18882
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.190 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Users\Stephanie\Desktop\dds.scr
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vongot~1.lnk - c:\windows\installer\{8c3ae2d1-854d-4650-a73d-c7cc7ee36b80}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~1\aim\aim.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-23 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-23 28424]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-23 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-11-23 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-23 285392]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-17 21504]

=============== Created Last 30 ================

2010-02-09 23:16:28 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-09 23:16:27 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-09 23:16:16 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-09 23:16:16 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-09 23:16:04 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-02-09 23:16:00 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-02-09 23:15:52 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-02-09 23:15:51 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-09 23:15:51 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-09 23:15:51 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-09 23:15:50 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-09 23:15:49 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-09 23:15:49 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-09 23:15:48 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-09 23:15:48 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-02-09 23:15:42 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-09 23:15:40 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-09 18:58:52 0 d-----w- c:\program files\TrendMicro
2010-02-09 16:12:40 0 d-----w- c:\program files\iPod
2010-02-09 16:12:27 0 d-----w- c:\program files\iTunes
2010-02-09 15:30:50 0 d-----w- c:\programdata\Sun

==================== Find3M ====================

2010-02-09 16:06:04 86016 ----a-w- c:\windows\inf\infstor.dat
2010-02-09 16:06:04 51200 ----a-w- c:\windows\inf\infpub.dat
2010-02-09 16:06:04 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-01-07 21:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-17 22:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-23 13:46:31 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-17 08:20:27 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-10-06 15:04:09 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-10-26 21:57:26 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-10-16 23:15:24 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 20:12:04.98 ===============



DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/8/2007 9:30:02 PM
System Uptime: 2/13/2010 8:04:12 PM (0 hours ago)

Motherboard: Wistron | | 30B2
Processor: Intel(R) Core(TM) Duo CPU T2450 @ 2.00GHz | U1 | 2000/667mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 141 GiB total, 91.628 GiB free.
D: is FIXED (NTFS) - 8 GiB total, 1.777 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Reader 8.2.0
AOL Instant Messenger
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG Free 9.0
Conexant HD Audio
ERUNT 1.1j
ESU for Microsoft Vista
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Active Support Library 32 bit components
HP Doc Viewer
HP Help and Support
HP Pavilion Webcam Driver for Vista v061.001.00006
HP Update
HP User Guides 0083
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPNetworkAssistant
Intel(R) Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 18
LightScribe 1.4.136.1
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSCU for Microsoft Vista
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
QuickTime
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio MyDVD Basic v9
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Vongo

==== End Of File ===========================

ILLZNIK31
2010-02-14, 02:59
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-13 20:54:39
Windows 6.0.6002 Service Pack 2
Running: ry4z78ms.exe; Driver: C:\Users\STEPHA~1\AppData\Local\Temp\fwdiruob.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogParamW 774C72A2 5 Bytes JMP 6EA0DD48 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!GetAsyncKeyState 774C863C 5 Bytes JMP 6E9290A7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SetWindowsHookExW 774C87AD 5 Bytes JMP 6EA09B29 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CallNextHookEx 774C8E3B 5 Bytes JMP 6E9FD171 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!UnhookWindowsHookEx 774C98DB 5 Bytes JMP 6E97486E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!EnableWindow 774CCD8B 5 Bytes JMP 6EA0DBD5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateWindowExW 774D1305 5 Bytes JMP 6EA0D9BC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!GetKeyState 774D8CB1 5 Bytes JMP 6EA0D183 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!IsDialogMessageW 774E0745 5 Bytes JMP 6E935B9B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogParamA 774E17AA 5 Bytes JMP 6EB0507C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!IsDialogMessage 774E1847 5 Bytes JMP 6EB04918 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogIndirectParamA 774E26F1 5 Bytes JMP 6EB050B3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogIndirectParamW 774E9A62 5 Bytes JMP 6EB050EA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SetKeyboardState 774F0987 5 Bytes JMP 6EB04C87 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxParamW 774F10B0 5 Bytes JMP 6E935689 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxIndirectParamW 774F2EF5 5 Bytes JMP 6EB043F7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SendInput 774F2F75 5 Bytes JMP 6EB05843 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!EndDialog 774F326E 5 Bytes JMP 6E938042 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SetCursorPos 77506FB2 5 Bytes JMP 6EB05897 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxParamA 77508152 5 Bytes JMP 6EB04394 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxIndirectParamA 7750847D 5 Bytes JMP 6EB0445A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxIndirectA 7751D4D9 5 Bytes JMP 6EB04329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxIndirectW 7751D5D3 5 Bytes JMP 6EB042BE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxExA 7751D639 5 Bytes JMP 6EB0425C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxExW 7751D65D 5 Bytes JMP 6EB041FA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!keybd_event 7751D972 5 Bytes JMP 6EB05BC7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] SHELL32.dll!SHRestricted + D95 75BF8988 4 Bytes [4D, 30, 25, 70]
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] SHELL32.dll!SHRestricted + D9D 75BF8990 8 Bytes [57, 2F, 25, 70, 9C, 5B, 24, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] ole32.dll!OleLoadFromStream 76D71E12 5 Bytes JMP 6EB04778 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2436] ole32.dll!CoCreateInstance 76DA9EA6 5 Bytes JMP 6EA0DA18 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!CreateWindowExW 774D1305 5 Bytes JMP 6EA0D9BC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxParamW 774F10B0 5 Bytes JMP 6E935689 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxIndirectParamW 774F2EF5 5 Bytes JMP 6EB043F7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxParamA 77508152 5 Bytes JMP 6EB04394 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxIndirectParamA 7750847D 5 Bytes JMP 6EB0445A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxIndirectA 7751D4D9 5 Bytes JMP 6EB04329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxIndirectW 7751D5D3 5 Bytes JMP 6EB042BE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxExA 7751D639 5 Bytes JMP 6EB0425C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxExW 7751D65D 5 Bytes JMP 6EB041FA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [7023E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [70240994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70241D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7023DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7023D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7024FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [7025051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [7024EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [7024F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [7024EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [7024E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [7024ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [7023E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [70242CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [70242926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [7023BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [7024173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [7023BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [70240F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [702414E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [7023ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [70241D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [7023C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [7024103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [70240994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [70241614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [70240921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [7023A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [7023E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [70240C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [7023DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [7023D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [7023D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [7023C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [7023BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [7023E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [70242CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [70242926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [702423A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [7023BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [7023FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [7023F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [7024ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [7024E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [7024EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [7024F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [7024E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [7024E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [7024EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [7025020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [7024F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW]

ILLZNIK31
2010-02-14, 03:00
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7024FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [7024F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [7025051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [7024FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [70250085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [70250395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [7024FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [7024F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [7023CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [70240C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [7023D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [7023D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7023DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [7023EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70241D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [7023E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [7023CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [70240994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [7023C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [7023BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [7023CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7023D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [70241614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [7024103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [7023C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [702409B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [7023C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [7023C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [7023C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [7023F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [7023FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [7023F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [702465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [7024620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [70247595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [702460AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [7024615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [702475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [70246533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [7024799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [7024684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [70246E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [70246AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [70246B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [70247281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [70246716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [702471ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [70247021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [70247FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [70247159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [702468E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [70246BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [70246803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [70246F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [702463A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [702480BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [70248513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [70248176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [70247BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [70248235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [7024697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [70246DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [70246D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [7024731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [70246EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [70246C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [70246AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [702478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [702463F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [702476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [70248732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [7024777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [70247831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [7024667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [70247636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [7023BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [7023C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [7023C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [70248235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [702481D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [702472CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [702475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [702476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [702465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [7024788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [702486D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [702478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [70248732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [70246533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\BTHUSB \Device\00000070 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)
Device \Driver\BTHUSB \Device\00000072 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a6b7c72b3
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001a6b7c72b3 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

Blade81
2010-02-14, 11:19
Hi,

Looks ok there.

Check here (http://www.adobe.com/software/flash/about/) to see if your Flash is up-to-date (do it separately with each of your browsers). If not, uninstall vulnerable versions by following the instructions here (http://kb2.adobe.com/cps/141/tn_14157.html). A fresh version can be obtained here (http://get.adobe.com/flashplayer/).


Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.


Please run an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) as instructed in the screenshot here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif).

ILLZNIK31
2010-02-14, 18:33
Flash is up to date and the ATF cleaner was run. I'm having a problem running the Kaspersky scan. It opens and tells me other anti-virus programs have to be disabled to run. I closed the resident shield on AVG. It downloads the program and runs the update, and then it stalls. I can't tell if the update hangs or if the problem is somewhere else, but the "settings" option is shaded out and can't be clicked, as well as the scan option. Any suggestions? Thank you for the help.

Blade81
2010-02-14, 18:46
Hi,

It may be a temporary problem. Please reboot and see if you're able to run Kaspersky after that.

ILLZNIK31
2010-02-14, 19:05
Reboot produced the same results. Could it be that I'm only disabling the active shield and not completely shutting down AVG? It tells me I have to be logged on as administrator also. I'm pretty sure I'm logged on as admin, "Stephanie" is the only option and it requires a password.

Blade81
2010-02-14, 19:16
Ok. Let's try Kaspersky offline scan instead.

Download the latest version of Kaspersky Virus Removal Tool (http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/)

* Close all other applications and double-click and run the installer.
* When AVPTool starts, select all the scannable items except for CD-ROM drives and click the Scan button.
* If malware is detected, don't remove anything.
* After the scan finishes, don't neutralize anything.
* In the Scan window click the Reports button and select Save to file.
* Name the report AVPT.txt, and save it to the Desktop.
* Close AVPTool.
* You will be prompted if you want to uninstall the program; click Yes.
* You will then be prompted that to complete the uninstallation, the computer must be restarted. Select Yes to restart the system.
* Copy and paste the first part of the report (Detected) that you saved in your next reply. Do not include the longer list marked Events.

ILLZNIK31
2010-02-14, 23:27
OK...

The scan took over 3 hours, and 2 critical "events" were reported. I can't seem to figure out how to find out what they are, or save the report. Per your instructions, I'm supposed to click Reports, then Save to File. Save to File is not an option anywhere on the screen following clicking the report.

Blade81
2010-02-15, 15:36
Hi,

Could you take screenshots of the program and attach those to your post?

ILLZNIK31
2010-02-15, 16:02
http://i4.photobucket.com/albums/y131/ILLZ/Windowssnippet.jpg
http://i4.photobucket.com/albums/y131/ILLZ/snippet2.jpg

Blade81
2010-02-15, 16:46
Hi,

The first screenshot says that a scan hasn't been run earlier. Please run a new scan and then see the reports section for a detailed report (take a screenshot of the findings).

ILLZNIK31
2010-02-16, 20:19
OK, the 2nd scan was run. Here is what the reports page looks like following the scan. Nowhere on here can I get any kind of detailed report or list of infections or anything. Am I missing it somewhere?

http://i4.photobucket.com/albums/y131/ILLZ/Kaspersky3.jpg

Blade81
2010-02-16, 20:45
Hi,

If you press that +-sign does it show any infections?

ILLZNIK31
2010-02-16, 20:48
The +/- sign to the left of "Autoscan"? It just shows when the task was started and when the task was completed, no other information.

Blade81
2010-02-17, 16:07
Great! Then it means there were no issues found :)

How's the system running now?

ILLZNIK31
2010-02-17, 16:36
Still pretty poorly. It seems slow and the fan still continuously runs. I'm going to download Firefox and ditch IE, that should hopefully fix the IE crash issues. Any idea why minimized windows go to the right of the tray instead of the left?

Blade81
2010-02-17, 16:45
Hi,

Let's see if there's something that was hiding from logs.

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

ILLZNIK31
2010-02-19, 02:20
ComboFix 10-02-18.07 - Stephanie 02/18/2010 19:52:35.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.302 [GMT -5:00]
Running from: c:\users\Stephanie\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-3243829120-3873577764-3776027936-500
c:\$recycle.bin\S-1-5-21-3833665739-4154496780-627808274-500

.
((((((((((((((((((((((((( Files Created from 2010-01-19 to 2010-02-19 )))))))))))))))))))))))))))))))
.

2010-02-19 01:07 . 2010-02-19 01:08 -------- d-----w- c:\users\Stephanie\AppData\Local\temp
2010-02-19 01:07 . 2010-02-19 01:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-16 22:09 . 2010-02-16 22:10 -------- d-----w- c:\users\Stephanie\AppData\Local\Adobe
2010-02-15 14:51 . 2009-10-22 17:54 37392 ----a-w- c:\windows\system32\drivers\32424132.sys
2010-02-15 14:51 . 2009-10-10 03:31 311312 ----a-w- c:\windows\system32\drivers\3242413.sys
2010-02-15 14:51 . 2009-09-25 21:59 128016 ----a-w- c:\windows\system32\drivers\32424131.sys
2010-02-14 22:34 . 2009-10-22 17:54 37392 ----a-w- c:\windows\system32\drivers\34947832.sys
2010-02-14 22:34 . 2009-10-10 03:31 311312 ----a-w- c:\windows\system32\drivers\3494783.sys
2010-02-14 22:34 . 2009-09-25 21:59 128016 ----a-w- c:\windows\system32\drivers\34947831.sys
2010-02-14 18:41 . 2009-10-22 17:54 37392 ----a-w- c:\windows\system32\drivers\93328472.sys
2010-02-14 18:41 . 2009-10-10 03:31 311312 ----a-w- c:\windows\system32\drivers\9332847.sys
2010-02-14 18:41 . 2009-09-25 21:59 128016 ----a-w- c:\windows\system32\drivers\93328471.sys
2010-02-09 23:16 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-09 23:16 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-09 23:16 . 2009-12-08 20:01 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-09 23:16 . 2009-12-08 20:01 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-09 23:16 . 2009-12-08 20:01 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-02-09 23:16 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-02-09 23:15 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-02-09 23:15 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-09 23:15 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-09 23:15 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-09 23:15 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-09 23:15 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-09 23:15 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-09 23:15 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-02-09 23:15 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-09 23:15 . 2009-12-04 15:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-09 23:15 . 2009-12-04 15:56 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-09 18:58 . 2010-02-09 18:58 -------- d-----w- c:\program files\TrendMicro
2010-02-09 18:52 . 2010-02-09 18:53 -------- d-----w- c:\program files\ERUNT
2010-02-09 16:12 . 2010-02-09 16:12 -------- d-----w- c:\program files\iPod
2010-02-09 16:12 . 2010-02-09 16:13 -------- d-----w- c:\program files\iTunes
2010-02-09 16:07 . 2010-02-09 16:07 -------- d-----w- c:\program files\Apple Software Update
2010-02-09 15:30 . 2010-02-09 15:30 -------- d-----w- c:\program files\Common Files\Java

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-17 15:35 . 2007-08-26 21:08 -------- d-----w- c:\programdata\Kaspersky Lab
2010-02-15 14:45 . 2007-06-08 23:33 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-10 08:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-09 18:58 . 2010-02-09 18:58 388096 ----a-r- c:\users\Stephanie\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-09 16:26 . 2009-11-23 14:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-09 16:24 . 2010-02-09 16:24 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-09 16:12 . 2009-01-26 02:13 -------- d-----w- c:\program files\Common Files\Apple
2010-02-09 15:47 . 2007-06-08 23:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-09 15:41 . 2007-06-09 00:41 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-09 15:30 . 2007-06-09 01:15 -------- d-----w- c:\program files\Java
2010-02-09 15:25 . 2007-08-27 06:05 87320 ----a-w- c:\users\Stephanie\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-09 15:23 . 2007-08-26 20:51 -------- d-----w- c:\program files\Common Files\AOL
2010-02-09 15:23 . 2007-08-26 20:51 -------- d-----w- c:\programdata\AOL
2010-02-09 15:19 . 2007-06-08 23:40 -------- d-----w- c:\program files\CONEXANT
2010-02-09 15:16 . 2007-06-08 23:51 -------- d-----w- c:\program files\Hewlett-Packard
2010-02-09 15:15 . 2007-06-08 23:54 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-09 15:15 . 2007-06-09 00:31 -------- d-----w- c:\programdata\CyberLink
2010-02-09 15:15 . 2007-06-08 23:55 -------- d-----w- c:\program files\Hp
2010-02-09 15:14 . 2007-06-09 00:40 -------- d-----w- c:\programdata\HP
2010-02-09 15:07 . 2009-03-12 02:00 -------- d-----w- c:\users\Stephanie\AppData\Roaming\Move Networks
2010-02-09 15:04 . 2007-06-09 00:51 -------- d-----w- c:\program files\Common Files\muvee Technologies
2010-02-09 15:02 . 2007-06-09 00:00 -------- d-----w- c:\program files\Roxio
2010-01-23 00:51 . 2010-01-23 00:51 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-01-07 21:07 . 2009-11-23 14:32 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2009-11-23 14:32 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 06:38 . 2010-01-22 06:36 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 06:36 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-22 06:36 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-22 06:36 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-17 22:14 . 2009-04-04 15:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-23 13:46 . 2009-11-23 13:46 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-23 13:46 . 2009-11-23 13:46 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-23 13:46 . 2009-11-23 13:46 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-23 13:46 . 2009-11-23 13:46 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-30 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-30 151552]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-30 126976]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2008-08-02 675840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]

c:\users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
setup_9.0.0.722_14.02.2010_21-27.lnk - c:\users\Stephanie\Desktop\Virus Removal Tool\setup_9.0.0.722_14.02.2010_21-27\startup.exe [2010-2-15 72208]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Vongo Tray.lnk - c:\windows\Installer\{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A.exe [2007-6-8 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):26,76,18,00,e9,51,ca,01

R0 32424132;32424132 Boot Guard Driver;c:\windows\System32\drivers\32424132.sys [2/15/2010 9:51 AM 37392]
R0 34947832;34947832 Boot Guard Driver;c:\windows\System32\drivers\34947832.sys [2/14/2010 5:34 PM 37392]
R0 93328472;93328472 Boot Guard Driver;c:\windows\System32\drivers\93328472.sys [2/14/2010 1:41 PM 37392]
R1 32424131;32424131;c:\windows\System32\drivers\32424131.sys [2/15/2010 9:51 AM 128016]
R1 34947831;34947831;c:\windows\System32\drivers\34947831.sys [2/14/2010 5:34 PM 128016]
R1 93328471;93328471;c:\windows\System32\drivers\93328471.sys [2/14/2010 1:41 PM 128016]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [11/23/2009 8:46 AM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\drivers\avgtdix.sys [11/23/2009 8:46 AM 360584]
R1 setup_9.0.0.722_14.02.2010_21-27drv;setup_9.0.0.722_14.02.2010_21-27drv;c:\windows\System32\drivers\3242413.sys [2/15/2010 9:51 AM 311312]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [11/23/2009 8:45 AM 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11/23/2009 8:44 AM 285392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 20:08
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-02-18 20:18:09
ComboFix-quarantined-files.txt 2010-02-19 01:18

Pre-Run: 97,723,105,280 bytes free
Post-Run: 97,786,408,960 bytes free

- - End Of File - - 7E58DA5B62C64BCCEA844EF71369AED0

Blade81
2010-02-19, 16:27
Hi,

Please upload these files to http://www.virustotal.com and post back the results:
c:\windows\System32\drivers\93328472.sys
c:\windows\System32\drivers\32424131.sys

ILLZNIK31
2010-02-21, 21:05
Hi, thanks for all the help.

Both files came back clean. Is this computer really virus/malware free?

Blade81
2010-02-21, 21:49
Hi,


"Is this computer really virus/malware free?"
Logs are indicating that.

You could try to run IE with add-ons disabled to see if it makes any difference:
Click the Start button, click All Programs, click Accessories, click System Tools, and then click Internet Explorer (No Add-ons).

ILLZNIK31
2010-02-22, 16:26
Great, thanks. You've been a tremendous help. I guess there are only 2 more issues that I'd like an opinion on, if you can. Firstly, minimized windows are still going to the right of the tray by the clock. I've downloaded Firefox and it's still an issue. Secondly, the fan is still running and the computer is noticeably hot to the touch. Is that an indication that there are too many programs running?

Blade81
2010-02-22, 18:22
Hi,

Right-click taskbar and select unlock. Then see if you can drag left boundary (on the right side of quick launch buttons beside start button) left. If the icons are still appearing on the right side of taskbar then attach a screenshot, please.

Access task manager (ctrl+alt+del) and on processes tab see what items have big CPU %-values (system idle process is always near 100, it can be ignored).

ILLZNIK31
2010-02-27, 18:23
Unlocking the task bar fixed that problem, thanks.

As for CPU usage... nothing is more than 05, and most are 00 or 01. There are about 60 processes running total.

Blade81
2010-02-27, 20:18
Hi,


"As for CPU usage... nothing is more than 05, and most are 00 or 01"
Then that fan issue sounds a bit odd. It might be a hardware-related issue too. You could ask on some forum, like Tech Support Guy (http://forums.techguy.org/), that has an area for general computer issues too.

Before that, let's remove tools we used.

Now let's uninstall ComboFix:

Click START then RUN
Now copy-paste Combofix /uninstall in the runbox and click OK


Please download OTC (http://oldtimer.geekstogo.com/OTC.exe) and save it to desktop.

Double-click OTC.exe.
Click the CleanUp! button.
Select Yes when the "Begin cleanup Process?" prompt appears.
If you are prompted to Reboot during the cleanup, select Yes.
The tool will delete itself once it finishes; if not, delete it yourself.


Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

Blade81
2010-03-06, 12:57
Due to inactivity, this thread will now be closed.

Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.