google redirect, undetected by malware bytes and microsoft security essentials



#1 Camiilla


Posted 13 February 2012 - 01:00 AM

Hello!

In my terror-induced trigger-happiness I posted my problem under the spyware removal log section, but haven't got such a log, nor do I know how to get one, so perhaps better to start at the right place. I know it will take up to five days to get back to me, I'm waiting patiently for that.

I first tried to follow advice given to another member with a problem that sounded similar to mine, but I suspect I will need specific step by step instructions, so I would rather wait for one of the bleeping-computer genii to get back to me.

I am using Windows 7 on an HP laptop, not sure how to ascertain the exact specs though, I have currently got Malware Bytes and Microsoft Security Essentials running at same time (?) but further than that I don't know what info to give.

Thanks in advance for your time and assistance.

Here is a copy of my previous query in the wrong topic:

Hi,

I recently got infected with an AVG trojan virus while trying to download Avast anti-virus (this is according to the IT technician who formatted my laptop for me to fix the problem, what I know about computers is dangerous.) Then yesterday when I could finally get on the internet again, I was randomly redirected to some weird unrelated sites, and not knowing that this could mean I had a virus, I blithely clicked on a button called "report bugs" and since then I can barely use google at all. I have an anti-virus called Microsoft Security Essentials, I don't know if it is legit, I paid the IT guy to put it on my laptop, but now I'm not so sure. This antivirus doesn't pick up any viruses.

I googled the problem as best I could and found your site, then took the advice you had given another virus-besieged individual and downloaded Malware Bytes. I ran the scan as you suggested in your answer to the post, but nothing was picked up. I have no way of knowing how many viruses I have or how to fix them, and now I'm scared that I have been given dodgy, virus-laden software by the "IT expert" and I currently live 10 000 km away from my husband, friends and family. I NEED the internet! Please help if you can, I understand if it takes a while to get back to me.

Thank you so much.

Regards.


 


#2 narenxp


Posted 13 February 2012 - 01:06 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here
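
Added example, not part of the post above and not code from TDSSKiller: a small Python triage script for the log this post asks for, so a helper does not have to read several hundred driver lines by eye. It assumes the per-driver layout seen in this thread's log (an entry line `time thread name (md5) path` followed by a `name - ok` verdict line); the function names, the sample log and the non-ok verdict text are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# Entry line: "<time> <thread> <service> (<md5>) <file path>"
ENTRY_RE = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+?)\s*$"
)
# Verdict line: "<time> <thread> <service> - <verdict>"
VERDICT_RE = re.compile(PREFIX + r"(?P<name>.+?)\s+-\s+(?P<verdict>.+?)\s*$")
# Header line that records the Windows directory of the scanned machine
WINDIR_RE = re.compile(r"Windows directory:\s*(?P<dir>.+?)\s*$")


@dataclass
class Entry:
    name: str
    md5: str
    path: str
    verdict: Optional[str] = None


def parse_log(text: str) -> Tuple[Optional[str], List[Entry]]:
    """Return (windows_directory, entries) parsed from the log text."""
    windir = None
    entries: List[Entry] = []
    pending = {}  # service name -> Entry still waiting for its verdict line
    for line in text.splitlines():
        if windir is None:
            m = WINDIR_RE.search(line)
            if m:
                windir = m.group("dir")
                continue
        m = ENTRY_RE.match(line)
        if m:  # checked first: a file path may itself contain " - "
            entry = Entry(m.group("name"), m.group("md5").lower(), m.group("path"))
            entries.append(entry)
            pending[entry.name] = entry
            continue
        m = VERDICT_RE.match(line)
        if m and m.group("name") in pending:
            pending.pop(m.group("name")).verdict = m.group("verdict")
    return windir, entries


def triage(text: str) -> List[Tuple[str, str]]:
    """List (service, reason) pairs that deserve a human look."""
    windir, entries = parse_log(text)
    root = windir.lower().rstrip("\\") + "\\" if windir else None
    findings = []
    for e in entries:
        if e.verdict is None:
            findings.append((e.name, "no verdict line"))
        elif e.verdict.lower() != "ok":
            findings.append((e.name, f"verdict: {e.verdict}"))
        # Review heuristic only: third-party services can legitimately
        # live outside the Windows directory.
        if root and not e.path.lower().startswith(root):
            findings.append((e.name, f"file outside {windir}: {e.path}"))
    return findings


# Constructed sample input: names, hashes and the non-ok verdict are made up.
SAMPLE_LOG = r"""
09:00:00.0000 1000 Windows directory: C:\windows
09:00:01.0000 2000 Scan started
09:00:02.0000 2000 exampledrv1 (00000000000000000000000000000001) C:\windows\system32\DRIVERS\exampledrv1.sys
09:00:02.0010 2000 exampledrv1 - ok
09:00:03.0000 2000 exampledrv2 (00000000000000000000000000000002) C:\windows\system32\DRIVERS\exampledrv2.sys
09:00:03.0010 2000 exampledrv2 - CONSTRUCTED-NON-OK-VERDICT
09:00:04.0000 2000 exampledrv3 (00000000000000000000000000000003) C:\Users\Public\exampledrv3.sys
09:00:04.0010 2000 exampledrv3 - ok
09:00:05.0000 2000 exampledrv4 (00000000000000000000000000000004) C:\windows\system32\drivers\exampledrv4.sys
"""

if __name__ == "__main__":
    for name, reason in triage(SAMPLE_LOG):
        print(f"{name}: {reason}")
```

An empty result only means every listed file received an `ok` verdict; it says nothing about components the scan did not list.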

#3 Camiilla


Posted 14 February 2012 - 12:19 AM

Hi!

Thank you for your reply, I appreciate it. I have done the TDSSkiller scan, the log is attached below. Please tell me before I download and run GMER if I need to be connected to the internet or not while doing this, I'm nervous of disabling antivirus and staying connected at the same time.

New symptoms: a popup notifying me that windows does not detect any antivirus protection on my computer, and also IE closing by itself and computer shutting down by itself.

TDSSKiller log:

09:11:57.0027 5940 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
09:11:57.0745 5940 ============================================================
09:11:57.0745 5940 Current date / time: 2012/02/14 09:11:57.0745
09:11:57.0745 5940 SystemInfo:
09:11:57.0745 5940
09:11:57.0745 5940 OS Version: 6.1.7600 ServicePack: 0.0
09:11:57.0745 5940 Product type: Workstation
09:11:57.0745 5940 ComputerName: CAMILLE-HP
09:11:57.0745 5940 UserName: Camille
09:11:57.0745 5940 Windows directory: C:\windows
09:11:57.0745 5940 System windows directory: C:\windows
09:11:57.0745 5940 Processor architecture: Intel x86
09:11:57.0745 5940 Number of processors: 2
09:11:57.0745 5940 Page size: 0x1000
09:11:57.0745 5940 Boot type: Normal boot
09:11:57.0745 5940 ============================================================
09:12:05.0451 5940 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:12:05.0467 5940 \Device\Harddisk0\DR0:
09:12:05.0467 5940 MBR used
09:12:05.0467 5940 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
09:12:05.0467 5940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23197000
09:12:05.0467 5940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2322D800, BlocksNum 0x1E00000
09:12:05.0467 5940 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x2502D800, BlocksNum 0x400800
09:12:05.0779 5940 Initialize success
09:12:05.0779 5940 ============================================================
09:12:18.0898 4124 ============================================================
09:12:18.0898 4124 Scan started
09:12:18.0898 4124 Mode: Manual; TDLFS;
09:12:18.0898 4124 ============================================================
09:13:58.0863 4124 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
09:13:58.0863 4124 srv - ok
09:13:58.0941 4124 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
09:13:58.0957 4124 srv2 - ok
09:13:59.0035 4124 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
09:13:59.0035 4124 srvnet - ok
09:13:59.0128 4124 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
09:13:59.0144 4124 stexstor - ok
09:13:59.0581 4124 STHDA (c502802475b7a2cb843f9f815d7ddc36) C:\windows\system32\DRIVERS\stwrt.sys
09:13:59.0581 4124 STHDA - ok
09:13:59.0706 4124 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
09:13:59.0706 4124 swenum - ok
09:14:00.0220 4124 SynTP (916a6435b54bd87c65950425aed642b7) C:\windows\system32\DRIVERS\SynTP.sys
09:14:00.0220 4124 SynTP - ok
09:14:01.0141 4124 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\drivers\tcpip.sys
09:14:01.0188 4124 Tcpip - ok
09:14:02.0701 4124 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\DRIVERS\tcpip.sys
09:14:02.0716 4124 TCPIP6 - ok
09:14:03.0262 4124 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
09:14:03.0278 4124 tcpipreg - ok
09:14:03.0590 4124 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
09:14:03.0606 4124 TDPIPE - ok
09:14:04.0027 4124 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
09:14:04.0042 4124 TDTCP - ok
09:14:04.0448 4124 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
09:14:04.0464 4124 tdx - ok
09:14:04.0822 4124 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
09:14:04.0822 4124 TermDD - ok
09:14:05.0228 4124 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\windows\system32\drivers\tpm.sys
09:14:05.0244 4124 TPM - ok
09:14:05.0587 4124 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
09:14:05.0587 4124 tssecsrv - ok
09:14:05.0914 4124 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
09:14:05.0914 4124 tunnel - ok
09:14:06.0304 4124 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
09:14:06.0304 4124 uagp35 - ok
09:14:06.0601 4124 udfs (2efee45a340e1590e37c2f2bac16d051) C:\windows\system32\DRIVERS\udfs.sys
09:14:06.0601 4124 udfs - ok
09:14:06.0866 4124 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
09:14:06.0866 4124 uliagpkx - ok
09:14:07.0147 4124 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
09:14:07.0147 4124 umbus - ok
09:14:07.0459 4124 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
09:14:07.0474 4124 UmPass - ok
09:14:07.0740 4124 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
09:14:07.0740 4124 usbccgp - ok
09:14:07.0974 4124 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
09:14:07.0974 4124 usbcir - ok
09:14:08.0208 4124 usbehci (0eeedd78c2bedac75e8ed1ba8d77878b) C:\windows\system32\DRIVERS\usbehci.sys
09:14:08.0208 4124 usbehci - ok
09:14:08.0722 4124 usbhub (ba50148445e5b2b3abdba208fc9b6fb5) C:\windows\system32\DRIVERS\usbhub.sys
09:14:08.0738 4124 usbhub - ok
09:14:09.0112 4124 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
09:14:09.0112 4124 usbohci - ok
09:14:09.0456 4124 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
09:14:09.0471 4124 usbprint - ok
09:14:09.0861 4124 USBSTOR (694c991cd0b8138888f086da6009adbc) C:\windows\system32\DRIVERS\USBSTOR.SYS
09:14:09.0861 4124 USBSTOR - ok
09:14:10.0314 4124 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
09:14:10.0314 4124 usbuhci - ok
09:14:10.0672 4124 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys
09:14:10.0688 4124 usbvideo - ok
09:14:10.0938 4124 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
09:14:10.0938 4124 vdrvroot - ok
09:14:11.0234 4124 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
09:14:11.0250 4124 vga - ok
09:14:11.0640 4124 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
09:14:11.0640 4124 VgaSave - ok
09:14:11.0764 4124 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
09:14:11.0764 4124 vhdmp - ok
09:14:11.0952 4124 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
09:14:11.0967 4124 viaagp - ok
09:14:12.0186 4124 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
09:14:12.0186 4124 ViaC7 - ok
09:14:12.0420 4124 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
09:14:12.0435 4124 viaide - ok
09:14:12.0794 4124 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
09:14:12.0794 4124 volmgr - ok
09:14:13.0075 4124 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
09:14:13.0075 4124 volmgrx - ok
09:14:13.0231 4124 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
09:14:13.0231 4124 volsnap - ok
09:14:13.0449 4124 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
09:14:13.0496 4124 vsmraid - ok
09:14:13.0668 4124 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
09:14:13.0683 4124 vwifibus - ok
09:14:13.0886 4124 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
09:14:13.0902 4124 vwififlt - ok
09:14:14.0073 4124 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
09:14:14.0073 4124 WacomPen - ok
09:14:14.0276 4124 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
09:14:14.0292 4124 WANARP - ok
09:14:14.0292 4124 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
09:14:14.0292 4124 Wanarpv6 - ok
09:14:14.0526 4124 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
09:14:14.0557 4124 Wd - ok
09:14:14.0962 4124 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
09:14:14.0994 4124 Wdf01000 - ok
09:14:15.0508 4124 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
09:14:15.0508 4124 WfpLwf - ok
09:14:15.0992 4124 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
09:14:15.0992 4124 WIMMount - ok
09:14:16.0382 4124 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
09:14:16.0382 4124 WmiAcpi - ok
09:14:16.0491 4124 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
09:14:16.0507 4124 ws2ifsl - ok
09:14:16.0694 4124 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
09:14:16.0710 4124 WudfPf - ok
09:14:17.0100 4124 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
09:14:17.0100 4124 WUDFRd - ok
09:14:17.0521 4124 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:14:17.0786 4124 \Device\Harddisk0\DR0 - ok
09:14:17.0802 4124 Boot (0x1200) (87ef17a4cb23303a3192101380bf33eb) \Device\Harddisk0\DR0\Partition0
09:14:17.0802 4124 \Device\Harddisk0\DR0\Partition0 - ok
09:14:17.0833 4124 Boot (0x1200) (772dcdb6f7b8ff3dcd8922cc844a673a) \Device\Harddisk0\DR0\Partition1
09:14:17.0833 4124 \Device\Harddisk0\DR0\Partition1 - ok
09:14:17.0864 4124 Boot (0x1200) (e47471f86456c9434784b18ff4d30e43) \Device\Harddisk0\DR0\Partition2
09:14:17.0864 4124 \Device\Harddisk0\DR0\Partition2 - ok
09:14:17.0926 4124 Boot (0x1200) (660fa9eba5b10695e0d7b74a84f7b032) \Device\Harddisk0\DR0\Partition3
09:14:17.0942 4124 \Device\Harddisk0\DR0\Partition3 - ok
09:14:17.0942 4124 ============================================================
09:14:17.0942 4124 Scan finished
09:14:17.0942 4124 ============================================================
09:14:17.0958 1300 Detected object count: 0
09:14:17.0958 1300 Actual detected object count: 0

#4 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 14 February 2012 - 12:27 AM

Disable your antivirus while GMER runs. We need to update ASWMBR before running it, so an internet connection is required temporarily.

Good luck

#5 Camiilla

  • Topic Starter
  • Members
  • 13 posts

Posted 14 February 2012 - 05:00 AM

Hi,

Here is the GMER log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-14 13:59:49
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932032 rev.0005
Running: download[1].exe; Driver: C:\Users\Camille\AppData\Local\Temp\pwdirkod.sys


---- System - GMER 1.0.15 ----

INT 0x60 ? 9345B7D8
INT 0x61 ? 9345BA58
INT 0x71 ? 9345BCD8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82A7A5D9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82A9F092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6F340CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6F342ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6F33F1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F33F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F33FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6F341A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6F341ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6F344EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6F3447A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6F33DF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6F3406BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6F343932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6F33DCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6F33DE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6F340571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6F341D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6F33DBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6F3441F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6F34595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6F344735] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6F344B56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6F34823A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6F3489C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6F348584] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6F347E55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6F348CD4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6F3490D9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6F347C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6F348D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6F347F8E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6F34794A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6F347D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6F348898] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6F3486C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6F348760] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6F347EF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6F349B99] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6F34958E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6F3499D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6F348026] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6F347F42] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6F347AE4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6F3497FC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6F347BD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6F349C52] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6F3498B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6F3477ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6F3496FD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6F3481EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6F3480BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6F348286] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6F348D75] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6F347DBA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6F348F70] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6F34892C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6F349A2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6F3492E3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6F349E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6F348E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6F347B33] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6F349029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6F34789A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6F3483BC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6F34861C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6F348A5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6F348454] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6F3484EC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6F349974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6F348EBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6F33D9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6F340F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6F341904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6F34141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6F341A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6F3409C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F33FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6F33F834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6F33F084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6F3427FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F33F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6F33EB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6F33E563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6F342ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6F3427DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6F33E901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6F340043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6F33EE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6F341A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6F349974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6F349916] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6F348A0C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6F348D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6F348E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6F347D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6F348FCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6F349E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6F349029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6F349E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [6F347C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3060] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6F343932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6F341ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6F33C028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6F343B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6F34595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6F3447A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6F344EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6F341D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F33F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6F3406BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F33FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6F341ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6F341A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6F340043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6F340CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6F343932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6F3406BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6F340CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6F342ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6F33F1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F33F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F33FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6F341A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6F341ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6F344EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6F3447A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6F33DF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6F3406BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6F343932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6F33DCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6F33DE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6F340571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6F341D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6F33DBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6F3441F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6F34595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6F344735] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6F344B56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6F34823A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6F3489C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6F348584] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6F347E55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6F348CD4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6F3490D9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6F347C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6F348D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6F347F8E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6F34794A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6F347D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6F348898] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6F3486C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6F348760] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [6F347EF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [6F349B99] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [6F34958E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [6F3499D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6F348026] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6F347F42] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6F347AE4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6F3497FC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [6F347BD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6F349C52] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6F3498B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6F3477ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6F3496FD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6F3481EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6F3480BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6F348286] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6F348D75] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6F347DBA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6F348F70] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6F34892C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [6F349A2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6F3492E3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6F349E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6F348E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6F347B33] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6F349029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6F34789A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6F3483BC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6F34861C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6F348A5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6F348454] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6F3484EC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6F349974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6F348EBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6F33D9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6F340F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6F341904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6F34141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6F341A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6F3409C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6F33FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6F33F834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6F33F084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6F3427FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6F33F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6F33EB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6F33E563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6F342ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6F3427DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6F33E901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6F340043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6F33EE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6F341BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6F341A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6F349974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6F349916] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6F348A0C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6F348D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6F348E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6F347D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6F348FCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6F349E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6F349029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6F349E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [6F347C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5672] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6F339F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\00000046 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:4520] B9A3B9EA
Thread System [4:3520] B9A22762
Thread System [4:3516] B9A32BF3
Thread System [4:4556] B9A4FE0E
Thread System [4:4492] B9A677F6
Thread System [4:3128] B9A354CF
Thread System [4:4584] B9A602D1
Thread System [4:3548] B9A49E57
Thread System [4:4360] B9A49F02
Thread System [4:4588] B9A497B6
Thread System [4:4624] B9A49982

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\cc52afde9cf4
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\cc52afde9cf4 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

#6 Camiilla


Posted 14 February 2012 - 05:13 AM

Hi,

Avast scan log:

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-14 14:02:10
-----------------------------
14:02:10.260 OS Version: Windows 6.1.7600
14:02:10.260 Number of processors: 2 586 0x170A
14:02:10.276 ComputerName: CAMILLE-HP UserName: Camille
14:02:12.959 Initialize success
14:03:19.331 AVAST engine defs: 12021302
14:03:31.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:03:31.250 Disk 0 Vendor: ST932032 0005 Size: 305245MB BusType: 3
14:03:31.764 Disk 0 MBR read successfully
14:03:31.764 Disk 0 MBR scan
14:03:31.780 Disk 0 Windows 7 default MBR code
14:03:31.905 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
14:03:31.983 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287534 MB offset 616448
14:03:32.092 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 589486080
14:03:32.186 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2049 MB offset 620943360
14:03:32.498 Disk 0 scanning sectors +625139712
14:03:33.122 Disk 0 scanning C:\windows\system32\drivers
14:05:46.018 Service scanning
14:05:46.471 Service MpNWMon C:\windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
14:05:47.110 Modules scanning
14:09:02.485 Disk 0 trace - called modules:
14:09:02.579 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys dxgkrnl.sys igdkmd32.sys dxgmms1.sys
14:09:02.579 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87239030]
14:09:02.594 3 CLASSPNP.SYS[88d8259e] -> nt!IofCallDriver -> [0x85773908]
14:09:02.594 5 ACPI.sys[8863e3b2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8573d028]
14:09:04.404 AVAST engine scan C:\windows
14:11:39.899 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
14:11:39.914 The log file has been saved successfully to "C:\aswMBR.txt"

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:09:59 AM

Posted 14 February 2012 - 08:46 AM

Please run FULL SCAN of MALWAREBYTES and post the LOG here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#8 Camiilla


Posted 14 February 2012 - 09:52 AM

Malware Bytes:

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.14.01

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Camille :: CAMILLE-HP [administrator]

Protection: Enabled

2/14/2012 5:53:17 PM
mbam-log-2012-02-14 (17-53-17).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262958
Time elapsed: 40 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 Camiilla


Posted 14 February 2012 - 10:28 AM

ESET online scanner says no threats were found.

:(

#10 Camiilla


Posted 14 February 2012 - 10:31 AM

Mini-toolbox results:


MiniToolBox by Farbar Version: 18-01-2012
Ran by Camille (administrator) on 14-02-2012 at 19:30:13
Microsoft Windows 7 Home Basic (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Ralink RT3090 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Camille-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Ralink RT3090 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : E0-2A-82-E2-F9-6E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::59e:e83:1cef:4cdf%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, February 14, 2012 4:27:07 PM
Lease Expires . . . . . . . . . . : Wednesday, February 15, 2012 4:27:07 PM
Default Gateway . . . . . . . . . : 192.168.1.100
DHCP Server . . . . . . . . . . . : 192.168.1.100
DHCPv6 IAID . . . . . . . . . . . : 232794754
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-C8-97-39-78-E3-B5-4D-F9-0F
DNS Servers . . . . . . . . . . . : 192.168.1.100
192.168.1.100
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-E3-B5-4D-F9-0F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{24EDCB4B-802F-40E1-8B6B-F1E89DC21536}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CEE00ABC-D84B-4A47-84CB-508153F4893E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:80c:9f9:3f57:fe97(Preferred)
Link-local IPv6 Address . . . . . : fe80::80c:9f9:3f57:fe97%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.100

Name: google.com
Addresses: 173.194.34.130
173.194.34.131
173.194.34.132
173.194.34.133
173.194.34.134
173.194.34.135
173.194.34.136
173.194.34.137
173.194.34.138
173.194.34.139
173.194.34.140
173.194.34.141
173.194.34.142
173.194.34.143
173.194.34.128
173.194.34.129


Pinging google.com [173.194.34.130] with 32 bytes of data:
Reply from 173.194.34.130: bytes=32 time=143ms TTL=55
Reply from 173.194.34.130: bytes=32 time=143ms TTL=55

Ping statistics for 173.194.34.130:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 143ms, Maximum = 143ms, Average = 143ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.100

Name: yahoo.com
Addresses: 98.139.127.62
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=638ms TTL=44
Reply from 98.139.127.62: bytes=32 time=535ms TTL=44

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 535ms, Maximum = 638ms, Average = 586ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.100

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 6ms, Average = 3ms
===========================================================================
Interface List
12...e0 2a 82 e2 f9 6e ......Ralink RT3090 802.11b/g/n WiFi Adapter
11...78 e3 b5 4d f9 0f ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.100 192.168.1.104 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.104 281
192.168.1.104 255.255.255.255 On-link 192.168.1.104 281
192.168.1.255 255.255.255.255 On-link 192.168.1.104 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.104 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.104 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:80c:9f9:3f57:fe97/128
On-link
12 281 fe80::/64 On-link
15 306 fe80::/64 On-link
12 281 fe80::59e:e83:1cef:4cdf/128
On-link
15 306 fe80::80c:9f9:3f57:fe97/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Windows\system32\wshbth.dll [35840] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/14/2012 03:45:16 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (02/14/2012 02:47:43 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (02/14/2012 10:52:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (02/14/2012 09:05:21 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).

Error: (02/13/2012 10:53:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (02/13/2012 10:25:53 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (02/13/2012 10:13:34 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -501.

Error: (02/13/2012 10:13:33 AM) (Source: ESENT) (User: )
Description: Catalog Database (1388) Catalog Database: Unable to read the header of logfile C:\windows\system32\CatRoot2\edb.log. Error -501.

Error: (02/13/2012 10:13:33 AM) (Source: ESENT) (User: )
Description: Catalog Database (1388) Catalog Database: Unable to read the header of logfile C:\windows\system32\CatRoot2\edb.log. Error -501.

Error: (02/12/2012 08:04:27 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.


System errors:
=============
Error: (02/14/2012 03:02:45 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (02/14/2012 03:02:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 (KB976932).

Error: (02/14/2012 03:00:15 PM) (Source: Microsoft-Windows-Service Pack Installer) (User: Camille)
Description: Service Pack installation failed with error code 0x800b0100.

Error: (02/14/2012 02:47:45 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.119.1802.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (02/14/2012 02:47:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7.

Error: (02/14/2012 09:17:47 AM) (Source: Microsoft-Windows-Kernel-General) (User: SYSTEM)
Description: 0x8000002a171\??\Volume{f59c9324-54f7-11e1-9ba1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{212401DE-1044-424D-A09C-7DF7D818A062}

Error: (02/14/2012 09:09:19 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.119.1802.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (02/14/2012 09:09:19 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.119.1802.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (02/14/2012 09:09:19 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.119.1802.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (02/14/2012 09:05:05 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.119.1802.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (02/14/2012 03:45:16 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (02/14/2012 02:47:43 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (02/14/2012 10:52:32 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (02/14/2012 09:05:21 AM) (Source: System Restore)(User: )
Description: C:\windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (02/13/2012 10:53:40 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (02/13/2012 10:25:53 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (02/13/2012 10:13:34 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -501

Error: (02/13/2012 10:13:33 AM) (Source: ESENT)(User: )
Description: Catalog Database1388Catalog Database: C:\windows\system32\CatRoot2\edb.log-501

Error: (02/13/2012 10:13:33 AM) (Source: ESENT)(User: )
Description: Catalog Database1388Catalog Database: C:\windows\system32\CatRoot2\edb.log-501

Error: (02/12/2012 08:04:27 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.


=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Bing Bar (Version: 6.0.2237.0)
Bing Bar Platform (Version: 6.0.2237.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Corel Home Office - CS Templates (Version: 5.6)
Corel Home Office - CT Templates (Version: 5.6)
Corel Home Office - IPM (Version: 5.6)
Corel Home Office - JP Templates (Version: 5.6)
Corel Home Office - KR Templates (Version: 5.6)
Corel Home Office - Launcher (Version: 5.6)
Corel Home Office - Templates RU (Version: 5.6)
Corel Home Office - Templates1 (Version: 5.6)
Corel Home Office (Version: 5.0.85.588)
Corel Home Office (Version: 5.6)
Energy Star Digital Logo (Version: 1.0.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.5.0.0)
HP ESU for Microsoft Windows 7 (Version: 1.1.6.1)
HP HotKey Support (Version: 3.5.15.1)
HP Setup (Version: 8.5.4371.3505)
HP SoftPaq Download Manager (Version: 3.0.5.0)
HP Software Framework (Version: 4.0.51.1)
HP Software Setup (Version: 7.0.1.6)
HP Support Assistant (Version: 5.0.14.2)
HP Web Camera (Version: 1.0.0)
HP Webcam (Version: 1.0.19.6)
HP Webcam Driver (Version: 6.1.7600.0084)
HP Wireless Assistant (Version: 3.50.10.1)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
IDT Audio (Version: 1.0.6268.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2057)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
InterVideo WinDVD 8 (Version: 8.5.10.54)
LightScribe System Software (Version: 1.18.11.1)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Online Backup (Version: 2.1.17242)
PDF Complete Special Edition (Version: 3.5.116)
Ralink Motorola BC4 Bluetooth 3.0+HS Adapter (Version: 3.0.41.262)
Ralink RT3090 802.11b/g/n WiFi Adapter (Version: 1.2.0.27)
Realtek Ethernet Controller All-In-One Windows Driver (Version: 1.12.0011)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.8.0)
Roxio Creator Business (Version: 10.3.56.21)
Roxio Creator Business v10 (Version: 3.8.0)
Roxio Creator Copy (Version: 3.8.0)
Roxio Creator Data (Version: 3.8.0)
Roxio Creator Tools (Version: 3.8.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.0 (Version: 5.0.156)
Synaptics Pointing Device Driver (Version: 15.0.4.0)
VLC media player 1.1.0-rc (Version: 1.1.0-rc)
Windows 7 Default Setting (Version: 1.0.1.6)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinZip 14.5 (Version: 14.5.9095)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 1976.27 MB
Available physical RAM: 1100.28 MB
Total Pagefile: 3952.53 MB
Available Pagefile: 2824.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.6 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:280.79 GB) (Free:202.59 GB) NTFS
2 Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32

========================= Users: ========================================

User accounts for \\CAMILLE-HP

Administrator Camille Guest


**** End of log ****

#11 narenxp


Posted 14 February 2012 - 10:42 AM

That looks clean


Please download GooredFix from one of the locations below and save it to your Desktop

http://jpshortstuff.247fixes.com/GooredFix.exe

Launch it. When prompted to run the scan, click Yes.

GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

Let me know if you still face redirects. What kind of sites are you being redirected to?

Your log looks clean at this point
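One way to read the sections of a MiniToolBox log that bear on browser redirects (IE proxy, hosts file, DNS servers, Winsock providers), as an added example that is not part of the thread and not MiniToolBox's own code. Both logs are constructed in the layout of the one posted above; the `ProxyServer:` line, the 203.0.113.x addresses, the `lsp.dll` path and the choice of checks are assumptions made for illustration.

```python
import re

SECTION_RE = re.compile(r"^=+\s*([^=]+?):?\s*=+$")
WINSOCK_RE = re.compile(r"^Catalog\d+\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)$")
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

# Constructed sample in the layout of the MiniToolBox log posted in the thread.
CLEAN_LOG = r"""
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Default Gateway . . . . . . . . . : 192.168.1.100
DNS Servers . . . . . . . . . . . : 192.168.1.100
192.168.1.100
========================= Winsock entries =====================================
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
"""

# Constructed counter-example: every value in it is invented for illustration.
TAMPERED_LOG = r"""
========================= IE Proxy Settings: ==============================
ProxyServer: http=127.0.0.1:8080
========================= Hosts content: =================================
127.0.0.1 localhost
203.0.113.7 www.google.com
========================= IP Configuration: ================================
Default Gateway . . . . . . . . . : 192.168.1.100
DNS Servers . . . . . . . . . . . : 203.0.113.53
192.168.1.100
========================= Winsock entries =====================================
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [40960] ()
"""

def split_sections(log_text):
    """Map each '===== Title: =====' header to the non-empty lines under it."""
    sections, current = {}, None
    for line in (raw.strip() for raw in log_text.splitlines()):
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).strip().lower()
            sections[current] = []
        elif current and line:
            sections[current].append(line)
    return sections

def check_proxy(lines):
    # The two lines the tool printed in the thread when no IE proxy was set.
    expected = {"Proxy is not enabled.", "No Proxy Server is set."}
    return ["IE proxy: " + l for l in lines
            if l not in expected and not l.startswith('"Reset')]

def check_hosts(lines):
    findings = []
    for l in lines:
        entry = l.split("#", 1)[0].split()  # drop trailing comments
        loopback = entry[:1] in (["127.0.0.1"], ["::1"]) and entry[1:] == ["localhost"]
        if len(entry) >= 2 and not loopback:
            findings.append("hosts entry: " + " ".join(entry))
    return findings

def check_dns(lines):
    # Heuristic (assumption): on a DHCP home network the resolver is normally
    # the router, so any other DNS server is listed for review.
    trusted, servers, in_dns = set(), [], False
    for l in lines:
        name, _, value = l.partition(":")
        name, value = name.replace(".", "").strip(), value.strip()
        if in_dns and IPV4_RE.match(l):  # continuation line of the DNS list
            servers.append(l)
            continue
        in_dns = name == "DNS Servers"
        if in_dns:
            servers.append(value)
        elif name in ("Default Gateway", "DHCP Server"):
            trusted.add(value)
    return ["DNS server is not the gateway/DHCP server: " + s
            for s in dict.fromkeys(servers) if s and s not in trusted]

def check_winsock(lines):
    # The vendor string is file metadata, not a signature check: a triage hint only.
    hits = (WINSOCK_RE.match(l) for l in lines)
    return ["Winsock provider to review: " + m.group(1)
            for m in hits if m and m.group(2) != "Microsoft Corporation"]

def triage(log_text):
    s = split_sections(log_text)
    return (check_proxy(s.get("ie proxy settings", []))
            + check_hosts(s.get("hosts content", []))
            + check_dns(s.get("ip configuration", []))
            + check_winsock(s.get("winsock entries", [])))
```

An empty result means none of these four places shows a redirect mechanism; it does not rule out other causes, which is why the thread goes on to ask what the redirects actually look like.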

#12 Camiilla


Posted 14 February 2012 - 10:46 AM

GooredFix by jpshortstuff (03.07.10.1)
Log created at 19:45 on 14/02/2012 (Camille)
Firefox version [Unable to determine]

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [16:10 11/02/2012]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"msntoolbar@msn.com"="C:\Program Files\MSN Toolbar\Platform\6.0.2237.0\Firefox" [21:42 03/12/2010]
"{27182e60-b5f3-411c-b545-b44205977502}"="C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\" [21:42 03/12/2010]
"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\" [21:42 03/12/2010]

-=E.O.F=-

#13 narenxp


Posted 14 February 2012 - 10:55 AM

Let me know if you still face redirects. What kind of sites are you being redirected to?

#14 Camiilla


Posted 14 February 2012 - 11:03 AM

Maybe there are settings I need to change? When I go to www.google.com I get sent to www.google.ae (I am currently living in Dubai, so that is not weird, but what IS weird is that there is no possible way to get to google.com, how can I change that?) And is it possible to get rid of Bing in some very permanent way? I can't seem to uninstall it.

The problem started when I tried to go to www.yourtvseries.net, and was redirected to www.yourtvseries.eu, which seems to be completely unclickable, the grammar is dodgy, and the only button that works is "report bugs." Is yourtvseries.net and other similar sites a bit dodgy, or illegal in terms of copyright?

How can I make my Windows Update work again? It seems to be unable to install updates.

PS: thank you for your help with all the scans

#15 narenxp


Posted 14 February 2012 - 11:30 AM

Maybe there are settings I need to change? When I go to www.google.com I get sent to www.google.ae (I am currently living in Dubai, so that is not weird, but what IS weird is that there is no possible way to get to google.com, how can I change that?

Just change your BROWSER home page to

http://www.google.com/ncr

It should take you to google.com

Press Windows+R key and type

appwiz.cpl and click ok

Uninstall BING BAR from your add or remove programs


Download MICROSOFT FIXIT

http://go.microsoft.com/?linkid=9666880

Run the FIXIT, restart the PC and try to update now

good luck

Edited by narenxp, 14 February 2012 - 11:31 AM.
