Page 1 of 3 123 LastLast
Results 1 to 10 of 30

Thread: Possible sick PC; Trojan Horse Generic16.ALUX

  1. #1
    Member
    Join Date
    Feb 2009
    Posts
    45

    Default Possible sick PC; Trojan Horse Generic16.ALUX

    Hello guys. My girlfriend told me her computer has been running poorly so I decided to take a look. I previously downloaded AVG for her and had it set to update automatically and run daily scans. On Jan 24th, it found and healed two infections: Trojan Horse Generic16.ALUX. I just updated and scanned, turning up zero results. I updated MBAM and scanned, returning zero results. I went through and deleted a bunch of useless programs, bloatware, etc., and updated Java and Adobe. I also cleaned out the cookies and cache. It seems to running pretty slowly. There are several other issues:

    - IE crashes periodically. I tried reinstalling IE 8 but it won't let me finish the install, saying there is already a newer version installed.

    - The fan runs non stop. I'm assuming there are too many processes running but I don't know for sure.

    - After I got done uninstalling all the useless stuff, minimized windows go to the right of the tray, near the clock, instead of the left like normal.

    Thank you for any help. I'm hoping the machine is at least virus/malware free so I can try to fix the rest of the issues.

    ERUNT was run and the registry is backed up. HJT was also run, but the log will not save to notepad. I'm not sure why, first time I've encountered a problem with that. Perhaps this computer is sicker than I originally thought.

    Thanks for any help guys, much appreciated.

  2. #2
    Member
    Join Date
    Feb 2009
    Posts
    45

    Default

    OK, I got it to save the log file.

    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 1:39:23 PM, on 2/13/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18882)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
    O4 - Global Startup: Vongo Tray.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O13 - Gopher Prefix:
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: AddFiltr - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
    O23 - Service: Vongo Service - Unknown owner - C:\Program Files\Vongo\VongoService.exe (file missing)

    --
    End of file - 6621 bytes

  3. #3
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Download DDS and save it to your desktop from here or here or here.
    Disable any script blocker, and then double click dds.scr to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop. Post them back to your topic.



    Download GMER here by clicking download exe -button and then saving it your desktop:
    • Double-click .exe that you downloaded
    • Click rootkit-tab and then scan.
    • Don't check
      Show All
      box while scanning in progress!
    • When scanning is ready, click Copy.
    • This copies log to clipboard
    • Post log (if the log is long, archive it into a zip file and attach instead of posting) in your reply.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  4. #4
    Member
    Join Date
    Feb 2009
    Posts
    45

    Default

    Thanks for the response. As I opened GMER I got the "blue screen of death" and the computer crashed. It restarted normally and I was able to complete the scans you requested:

    DDS (Ver_09-12-01.01) - NTFSx86
    Run by Stephanie at 20:08:21.46 on Sat 02/13/2010
    Internet Explorer: 8.0.6001.18882
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.190 [GMT -5:00]

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Dwm.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\AVG\AVG9\avgemc.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Users\Stephanie\Desktop\dds.scr
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
    mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vongot~1.lnk - c:\windows\installer\{8c3ae2d1-854d-4650-a73d-c7cc7ee36b80}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~1\aim\aim.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: avgrsstx.dll

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-23 333192]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-23 28424]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-23 360584]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-11-23 906520]
    R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-23 285392]
    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-17 21504]

    =============== Created Last 30 ================

    2010-02-09 23:16:28 302080 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-02-09 23:16:27 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-02-09 23:16:16 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-02-09 23:16:16 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-02-09 23:16:04 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-02-09 23:16:00 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2010-02-09 23:15:52 1314816 ----a-w- c:\windows\system32\quartz.dll
    2010-02-09 23:15:51 31744 ----a-w- c:\windows\system32\msvidc32.dll
    2010-02-09 23:15:51 22528 ----a-w- c:\windows\system32\msyuv.dll
    2010-02-09 23:15:51 12288 ----a-w- c:\windows\system32\tsbyuv.dll
    2010-02-09 23:15:50 13312 ----a-w- c:\windows\system32\msrle32.dll
    2010-02-09 23:15:49 82944 ----a-w- c:\windows\system32\mciavi32.dll
    2010-02-09 23:15:49 50176 ----a-w- c:\windows\system32\iyuv_32.dll
    2010-02-09 23:15:48 91136 ----a-w- c:\windows\system32\avifil32.dll
    2010-02-09 23:15:48 123904 ----a-w- c:\windows\system32\msvfw32.dll
    2010-02-09 23:15:42 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-02-09 23:15:40 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2010-02-09 18:58:52 0 d-----w- c:\program files\TrendMicro
    2010-02-09 16:12:40 0 d-----w- c:\program files\iPod
    2010-02-09 16:12:27 0 d-----w- c:\program files\iTunes
    2010-02-09 15:30:50 0 d-----w- c:\programdata\Sun

    ==================== Find3M ====================

    2010-02-09 16:06:04 86016 ----a-w- c:\windows\inf\infstor.dat
    2010-02-09 16:06:04 51200 ----a-w- c:\windows\inf\infpub.dat
    2010-02-09 16:06:04 143360 ----a-w- c:\windows\inf\infstrng.dat
    2010-01-07 21:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-07 21:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-12-17 22:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-11-23 13:46:31 12464 ----a-w- c:\windows\system32\avgrsstx.dll
    2009-11-17 08:20:27 665600 ----a-w- c:\windows\inf\drvindex.dat
    2008-10-06 15:04:09 174 --sha-w- c:\program files\desktop.ini
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2009-10-26 21:57:26 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
    2009-10-16 23:15:24 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat

    ============= FINISH: 20:12:04.98 ===============



    DDS (Ver_09-12-01.01)

    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 6/8/2007 9:30:02 PM
    System Uptime: 2/13/2010 8:04:12 PM (0 hours ago)

    Motherboard: Wistron | | 30B2
    Processor: Intel(R) Core(TM) Duo CPU T2450 @ 2.00GHz | U1 | 2000/667mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 141 GiB total, 91.628 GiB free.
    D: is FIXED (NTFS) - 8 GiB total, 1.777 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    Activation Assistant for the 2007 Microsoft Office suites
    ActiveCheck component for HP Active Support Library
    Adobe Flash Player 10 ActiveX
    Adobe Reader 8.2.0
    AOL Instant Messenger
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG Free 9.0
    Conexant HD Audio
    ERUNT 1.1j
    ESU for Microsoft Vista
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Active Support Library 32 bit components
    HP Doc Viewer
    HP Help and Support
    HP Pavilion Webcam Driver for Vista v061.001.00006
    HP Update
    HP User Guides 0083
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    HPNetworkAssistant
    Intel(R) Graphics Media Accelerator Driver
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 18
    LightScribe 1.4.136.1
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MSCU for Microsoft Vista
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    QuickTime
    Rhapsody Player Engine
    Roxio Activation Module
    Roxio Creator Audio
    Roxio Creator Basic v9
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator EasyArchive
    Roxio Creator Tools
    Roxio MyDVD Basic v9
    Synaptics Pointing Device Driver
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Vongo

    ==== End Of File ===========================

  5. #5
    Member
    Join Date
    Feb 2009
    Posts
    45

    Default

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-02-13 20:54:39
    Windows 6.0.6002 Service Pack 2
    Running: ry4z78ms.exe; Driver: C:\Users\STEPHA~1\AppData\Local\Temp\fwdiruob.sys


    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogParamW 774C72A2 5 Bytes JMP 6EA0DD48 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!GetAsyncKeyState 774C863C 5 Bytes JMP 6E9290A7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SetWindowsHookExW 774C87AD 5 Bytes JMP 6EA09B29 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CallNextHookEx 774C8E3B 5 Bytes JMP 6E9FD171 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!UnhookWindowsHookEx 774C98DB 5 Bytes JMP 6E97486E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!EnableWindow 774CCD8B 5 Bytes JMP 6EA0DBD5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateWindowExW 774D1305 5 Bytes JMP 6EA0D9BC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!GetKeyState 774D8CB1 5 Bytes JMP 6EA0D183 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!IsDialogMessageW 774E0745 5 Bytes JMP 6E935B9B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogParamA 774E17AA 5 Bytes JMP 6EB0507C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!IsDialogMessage 774E1847 5 Bytes JMP 6EB04918 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogIndirectParamA 774E26F1 5 Bytes JMP 6EB050B3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!CreateDialogIndirectParamW 774E9A62 5 Bytes JMP 6EB050EA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SetKeyboardState 774F0987 5 Bytes JMP 6EB04C87 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxParamW 774F10B0 5 Bytes JMP 6E935689 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxIndirectParamW 774F2EF5 5 Bytes JMP 6EB043F7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SendInput 774F2F75 5 Bytes JMP 6EB05843 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!EndDialog 774F326E 5 Bytes JMP 6E938042 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!SetCursorPos 77506FB2 5 Bytes JMP 6EB05897 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxParamA 77508152 5 Bytes JMP 6EB04394 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!DialogBoxIndirectParamA 7750847D 5 Bytes JMP 6EB0445A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxIndirectA 7751D4D9 5 Bytes JMP 6EB04329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxIndirectW 7751D5D3 5 Bytes JMP 6EB042BE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxExA 7751D639 5 Bytes JMP 6EB0425C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!MessageBoxExW 7751D65D 5 Bytes JMP 6EB041FA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] USER32.dll!keybd_event 7751D972 5 Bytes JMP 6EB05BC7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] SHELL32.dll!SHRestricted + D95 75BF8988 4 Bytes [4D, 30, 25, 70]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] SHELL32.dll!SHRestricted + D9D 75BF8990 8 Bytes [57, 2F, 25, 70, 9C, 5B, 24, ...]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] ole32.dll!OleLoadFromStream 76D71E12 5 Bytes JMP 6EB04778 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2436] ole32.dll!CoCreateInstance 76DA9EA6 5 Bytes JMP 6EA0DA18 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!CreateWindowExW 774D1305 5 Bytes JMP 6EA0D9BC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxParamW 774F10B0 5 Bytes JMP 6E935689 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxIndirectParamW 774F2EF5 5 Bytes JMP 6EB043F7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxParamA 77508152 5 Bytes JMP 6EB04394 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!DialogBoxIndirectParamA 7750847D 5 Bytes JMP 6EB0445A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxIndirectA 7751D4D9 5 Bytes JMP 6EB04329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxIndirectW 7751D5D3 5 Bytes JMP 6EB042BE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxExA 7751D639 5 Bytes JMP 6EB0425C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3036] USER32.dll!MessageBoxExW 7751D65D 5 Bytes JMP 6EB041FA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [7023E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [70240994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70241D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7023DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7023D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7024FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [7025051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [7024EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [7024F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [7024EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [7024E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [7024ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [7023E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [70242CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [70242926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [7023BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [7024173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [7023BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [70240F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [702414E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [7023ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [70241D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [7023C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [7024103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [70240994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [70241614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [70240921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [7023A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [7023E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [70240C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [7023DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [7023D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [7023D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [7023C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [7023BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [7023E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [70242CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [70242926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [702423A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [7023BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [7023FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [7023F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [7024ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [7024E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [7024EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [7024F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [7024E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [7024E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [7024EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [7025020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [7024F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW]

  6. #6
    Member
    Join Date
    Feb 2009
    Posts
    45

    Default

    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7024FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [7024F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [7025051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [7024FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [70250085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [70250395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [7024FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [7024F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [7023CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [70242999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [70240C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [7023D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [7023D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7023DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [7023EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70241D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [7023E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [7023CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [70240994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [7023C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [7023BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [7023CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7023D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [70241614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [7024103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [7023C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [702409B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [7023C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [7023C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [7023C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [7023F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [7023FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [7023F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [702465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [7024620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [70247595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [702460AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [7024615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [702475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [70246533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [7024799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [7024684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [70246E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [70246AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [70246B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [70247281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [70246716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [702471ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [70247021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [70247FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [70247159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [702468E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [70246BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [70246803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [70246F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [702463A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [702480BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [70248513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [70248176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [70247BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [70248235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [7024697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [70246DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [70246D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [7024731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [70246EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [70246C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [70246AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [702478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [702463F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [702476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [70248732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [7024777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [70247831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [7024667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [70247636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [7023BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [70243ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [70243035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7024007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [70241AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [7023A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [7023EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [7023C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [7023C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [7023E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7023FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [7023BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7023FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [70248235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [702481D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [702472CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [702475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [702476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [702465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [7024788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [702486D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [702478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [70248732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [70246533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2436] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [702382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\BTHUSB \Device\00000070 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)
    Device \Driver\BTHUSB \Device\00000072 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a6b7c72b3
    Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001a6b7c72b3 (not active ControlSet)

    ---- EOF - GMER 1.0.15 ----

  7. #7
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Looks ok there.

    Check here to see if your Flash is up-to-date (do it separately with each of your browsers). If not, uninstall vulnerable versions by following instructions here. Fresh version can be obtained here.


    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

    Double-click ATF Cleaner.exe to open it

    Under Main choose:
    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Java Cache

    *The other boxes are optional*
    Then click the Empty Selected button.

    If you use Firefox:
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    If you use Opera:
    Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    Click Exit on the Main menu to close the program.


    Please run an online scan with Kaspersky Online Scanner as instructed in the screenshot here.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  8. #8
    Member
    Join Date
    Feb 2009
    Posts
    45

    Default

    Flash is up to date and the ATF cleaner was run. I'm having a problem running the Kaspersky scan. It opens and tells me other anti-virus programs have to be disabled to run. I closed the resident shield on AVG. It downloads the program and runs the update, and then it stalls. I can't tell if the update hangs or if the problem is somewhere else, but the "settings" option is shaded out and can't be clicked, as well as the scan option. Any suggestions? Thank you for the help.

  9. #9
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    It may be a temporary problem. Please reboot and see if you're able to run Kaspersky after that.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  10. #10
    Member
    Join Date
    Feb 2009
    Posts
    45

    Default

    Reboot produced the same results. Could it be that I'm only disabling the active shield and not completely shutting down AVG? It tells me I have to be logged on as administrator also. I'm pretty sure I'm logged on as admin, "Stephanie" is the only option and it requires a password.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •