dslreports logo
site
    All Forums Hot Topics Gallery
spc
Search Topic:
uniqs
2
share rss forum feed


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26
Reviews:
·Comcast

1 recommendation

reply to mizzshan

Re: [Trojan] Virus, trojan issues

Let's check for rootkits to be safe. If negative, we can start cleanup.

Download and run Sophos AntiRootkit. Post the log in this thread, even if nothing is found.

You find link(s) and instructions here:
»Security Cleanup FAQ »Rootkit Detection Applications
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum

mizzshan

join:2013-01-04
North, SC
Here's the GMER log...

GMER 2.0.18327 - http://www.gmer.net
Rootkit scan 2013-01-05 20:09:20
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GT00 298.09GB
Running: 4qx8cyng.exe; Driver: C:\Users\Owner\AppData\Local\Temp\pflirfog.sys

---- System - GMER 2.0 ----

SSDT \??\C:\Windows\system32\DRIVERS\PavProc.sys ZwTerminateProcess [0xAFEE573A]

---- Kernel code sections - GMER 2.0 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82E83A49 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EBD4D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 166F 82EC4AA4 4 Bytes [3A, 57, EE, AF] {CMP DL, [EDI-0x12]; SCASD }
? system32\drivers\av5flt.sys The system cannot find the path specified. !

---- User code sections - GMER 2.0 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!EnableWindow 76C88D02 5 Bytes JMP 6D079EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!DialogBoxParamW 76CA3B9B 5 Bytes JMP 6CFD1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!DialogBoxIndirectParamW 76CB3B7F 5 Bytes JMP 6D1C8FB6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!DialogBoxParamA 76CCCF42 5 Bytes JMP 6D1C8F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!DialogBoxIndirectParamA 76CCD274 5 Bytes JMP 6D1C901B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!MessageBoxIndirectA 76CDE869 5 Bytes JMP 6D1C8ED8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!MessageBoxIndirectW 76CDE963 5 Bytes JMP 6D1C8E5F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!MessageBoxExA 76CDE9C9 5 Bytes JMP 6D1C8DFB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2316] USER32.dll!MessageBoxExW 76CDE9ED 5 Bytes JMP 6D1C8D97 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] kernel32.dll!CreateThread 75CADCC2 5 Bytes JMP 6D0375DB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!EnableWindow 76C88D02 5 Bytes JMP 6D079EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!GetAsyncKeyState 76C8A256 5 Bytes JMP 6D01DED5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!CallNextHookEx 76C8ABE1 5 Bytes JMP 6D097FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!UnhookWindowsHookEx 76C8ADF9 5 Bytes JMP 6D0BED00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!DefWindowProcA 76C8BB1C 7 Bytes JMP 6D039805 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!CreateWindowExA 76C8BF40 5 Bytes JMP 6D04363B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!SetWindowsHookExW 76C8E30C 5 Bytes JMP 6D0725AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!CreateWindowExW 76C8EC7C 5 Bytes JMP 6D0A03CF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!GetKeyState 76C92B4D 5 Bytes JMP 6D01DDAB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!IsDialogMessageW 76C94104 5 Bytes JMP 6D1C9A7A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!DefWindowProcW 76C9507D 7 Bytes JMP 6D098042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!CreateDialogParamA 76CA1F42 5 Bytes JMP 6D1C92E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!IsDialogMessage 76CA2019 5 Bytes JMP 6D1C9A52 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!DialogBoxParamW 76CA3B9B 5 Bytes JMP 6CFD1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!CreateDialogIndirectParamA 76CA721D 5 Bytes JMP 6D1C9358 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!CreateDialogIndirectParamW 76CAEA10 5 Bytes JMP 6D1C9390 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!DialogBoxIndirectParamW 76CB3B7F 5 Bytes JMP 6D1C8FB6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!EndDialog 76CB3BA3 5 Bytes JMP 6D1C9D26 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!CreateDialogParamW 76CB5630 5 Bytes JMP 6D1C9320 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!SetKeyboardState 76CB695A 5 Bytes JMP 6D1CA341 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!SendInput 76CB7019 5 Bytes JMP 6D1CA2E9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!SetCursorPos 76CCC1B0 5 Bytes JMP 6D1CA3C2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!DialogBoxParamA 76CCCF42 5 Bytes JMP 6D1C8F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!DialogBoxIndirectParamA 76CCD274 5 Bytes JMP 6D1C901B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!MessageBoxIndirectA 76CDE869 5 Bytes JMP 6D1C8ED8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!MessageBoxIndirectW 76CDE963 5 Bytes JMP 6D1C8E5F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!MessageBoxExA 76CDE9C9 5 Bytes JMP 6D1C8DFB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!MessageBoxExW 76CDE9ED 5 Bytes JMP 6D1C8D97 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] USER32.dll!keybd_event 76CDEC3B 5 Bytes JMP 6D1CA2A6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] SHELL32.dll!RealDriveType + 173D 75F5FE30 4 Bytes [CF, 01, 22, 6F] {IRET ; ADD [EDX], ESP; OUTSD }
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] SHELL32.dll!RealDriveType + 1745 75F5FE38 8 Bytes [E0, 61, 21, 6F, 79, F7, 21, ...] {LOOPNZ 0x63; AND [EDI+0x79], EBP; MUL DWORD [ECX]; OUTSD }
.text C:\Program Files\Internet Explorer\iexplore.exe[5228] ole32.dll!OleLoadFromStream 76B16143 5 Bytes JMP 6D1C9784 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)

---- User IAT/EAT - GMER 2.0 ----

IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [742D24CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [742B562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742B56EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [742D2546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [742C85AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742C4D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742C5105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [742C51DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [742C6707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [742C8301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [742C8850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [742C90B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [742CE254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2608] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [742C4C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6F2147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6F22029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6F215EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6F227F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6F22F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6F22F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6F2307CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6F22FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6F215E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F22ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6F2147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6F214E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6F2163E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F22B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6F216D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6F22BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6F22C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6F22029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6F214E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6F215EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6F2147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6F2163E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6F214E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6F22C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6F22E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6F22AA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F22ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F22B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6F216D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6F215EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6F22FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6F2307CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6F22939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6F2163E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6F22029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6F215F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6F229229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6F21F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6F2147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6F215E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6F220ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6F22F2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6F22F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6F23072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6F22F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6F231542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6F231C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6F21FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6F231191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6F21F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6F21FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6F231095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6F231F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6F2312D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6F230DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6F220178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6F231B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6F23194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6F231233] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6F21F86E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6F21F472] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6F2327C3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6F23136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6F231284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6F230F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6F232769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6F21F9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6F232937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6F217430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6F21F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6F21E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6F215D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6F23140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6F231590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6F231F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6F220123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6F23218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6F231BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6F21FACB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6F2319EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6F21FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6F2320D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6F232B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6F232028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6F230F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6F214927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6F230D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6F21FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6F2318A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6F231CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6F23171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6F2317B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6F214984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6F228C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6F22CB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6F22D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6F22D11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6F216D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6F22C49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F22B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6F22B245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6F22A89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6F22E0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6F214E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F22ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6F22A249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6F229AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6F22E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6F22E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6F229F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6F22BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6F22A56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6F214E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6F216D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6F21F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6F231F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6F232028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6F232B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6F232B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6F220178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [6F2164C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6F214CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6F214927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6F214984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6F216528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6F2147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6F2147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5228] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6F2147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Registry - GMER 2.0 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x46 0x47 0x15 0xB0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...

---- EOF - GMER 2.0 ----