I have the Happilli virus and could really use some help


16 replies to this topic

#1 anglen9

  • Members
  • 10 posts

Posted 02 May 2012 - 10:41 PM

Hello, the other day I somehow got the Happili redirect virus on my laptop. I have read many posts as to how to remove this, so I tried the basic TDSSkiller and that didn't seem to notice anything. The next step seems to be running Combofix, but I do not want to run something like that without expert help. I also have Norton with the Constant Guard Protection Suite, but that did not find anything. Can someone please help me to remove this Happilli virus?

Edited by anglen9, 03 May 2012 - 12:10 AM.




#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 03 May 2012 - 12:31 AM

Download TDSSkiller.

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here


On which browser does the redirect occur?

#3 anglen9

  • Topic Starter

  • Members
  • 10 posts

Posted 03 May 2012 - 07:17 PM

narenxp,
Thanks for responding to my post. To answer your question, I first noticed the redirect on Yahoo, and then I tried Google and it did it as well. I ran the TDSSkiller and here is the log that you requested.

16:57:16.0095 5232 NTIDrvr - ok
16:57:16.0131 5232 NTISchedulerSvc (58751f9248d50bce1053976c9e2f0859) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
16:57:16.0133 5232 NTISchedulerSvc - ok
16:57:16.0156 5232 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:57:16.0158 5232 ntrigdigi - ok
16:57:16.0172 5232 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
16:57:16.0174 5232 Null - ok
16:57:16.0204 5232 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
16:57:16.0206 5232 nvraid - ok
16:57:16.0224 5232 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
16:57:16.0226 5232 nvstor - ok
16:57:16.0257 5232 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
16:57:16.0259 5232 nv_agp - ok
16:57:16.0265 5232 NwlnkFlt - ok
16:57:16.0273 5232 NwlnkFwd - ok
16:57:16.0396 5232 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:57:16.0401 5232 odserv - ok
16:57:16.0434 5232 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
16:57:16.0436 5232 ohci1394 - ok
16:57:16.0472 5232 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:57:16.0474 5232 ose - ok
16:57:16.0585 5232 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:57:16.0593 5232 p2pimsvc - ok
16:57:16.0603 5232 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:57:16.0611 5232 p2psvc - ok
16:57:16.0632 5232 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:57:16.0634 5232 Parport - ok
16:57:16.0666 5232 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
16:57:16.0667 5232 partmgr - ok
16:57:16.0689 5232 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:57:16.0691 5232 Parvdm - ok
16:57:16.0726 5232 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
16:57:16.0729 5232 PcaSvc - ok
16:57:16.0776 5232 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
16:57:16.0778 5232 pci - ok
16:57:16.0797 5232 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
16:57:16.0799 5232 pciide - ok
16:57:16.0838 5232 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
16:57:16.0841 5232 pcmcia - ok
16:57:16.0962 5232 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:57:16.0970 5232 PEAUTH - ok
16:57:17.0136 5232 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
16:57:17.0151 5232 pla - ok
16:57:17.0319 5232 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
16:57:17.0324 5232 PlugPlay - ok
16:57:17.0363 5232 Pml Driver HPZ12 (0c155c5d8942b3cbcf9506a9d376b9ad) C:\Windows\system32\HPZipm12.dll
16:57:17.0365 5232 Pml Driver HPZ12 - ok
16:57:17.0450 5232 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:57:17.0458 5232 PNRPAutoReg - ok
16:57:17.0470 5232 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:57:17.0478 5232 PNRPsvc - ok
16:57:17.0537 5232 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
16:57:17.0542 5232 PolicyAgent - ok
16:57:17.0610 5232 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
16:57:17.0612 5232 PptpMiniport - ok
16:57:17.0629 5232 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
16:57:17.0631 5232 Processor - ok
16:57:17.0680 5232 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
16:57:17.0684 5232 ProfSvc - ok
16:57:17.0716 5232 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
16:57:17.0718 5232 ProtectedStorage - ok
16:57:17.0757 5232 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
16:57:17.0758 5232 PSched - ok
16:57:17.0770 5232 PSDFilter (628321c8dd76ad369b362b202e655a68) C:\Windows\system32\DRIVERS\psdfilter.sys
16:57:17.0771 5232 PSDFilter - ok
16:57:17.0782 5232 PSDNServ (79d7117e62709c7690cf3dd55acead37) C:\Windows\system32\DRIVERS\PSDNServ.sys
16:57:17.0784 5232 PSDNServ - ok
16:57:17.0801 5232 psdvdisk (cae5e82827990cf4bd4a49576bde3a43) C:\Windows\system32\DRIVERS\PSDVdisk.sys
16:57:17.0803 5232 psdvdisk - ok
16:57:17.0935 5232 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
16:57:17.0944 5232 ql2300 - ok
16:57:17.0972 5232 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:57:17.0974 5232 ql40xx - ok
16:57:18.0022 5232 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
16:57:18.0027 5232 QWAVE - ok
16:57:18.0044 5232 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
16:57:18.0046 5232 QWAVEdrv - ok
16:57:18.0065 5232 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
16:57:18.0068 5232 RasAcd - ok
16:57:18.0087 5232 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
16:57:18.0090 5232 RasAuto - ok
16:57:18.0115 5232 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:57:18.0117 5232 Rasl2tp - ok
16:57:18.0163 5232 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
16:57:18.0168 5232 RasMan - ok
16:57:18.0207 5232 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
16:57:18.0209 5232 RasPppoe - ok
16:57:18.0221 5232 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
16:57:18.0223 5232 RasSstp - ok
16:57:18.0256 5232 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
16:57:18.0258 5232 rdbss - ok
16:57:18.0274 5232 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:57:18.0277 5232 RDPCDD - ok
16:57:18.0318 5232 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
16:57:18.0321 5232 rdpdr - ok
16:57:18.0327 5232 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
16:57:18.0330 5232 RDPENCDD - ok
16:57:18.0371 5232 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
16:57:18.0380 5232 RDPWD - ok
16:57:18.0431 5232 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
16:57:18.0434 5232 RemoteAccess - ok
16:57:18.0480 5232 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
16:57:18.0485 5232 RemoteRegistry - ok
16:57:18.0571 5232 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
16:57:18.0619 5232 RichVideo - ok
16:57:18.0648 5232 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
16:57:18.0651 5232 RpcLocator - ok
16:57:18.0728 5232 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
16:57:18.0735 5232 RpcSs - ok
16:57:18.0797 5232 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
16:57:18.0799 5232 rspndr - ok
16:57:18.0869 5232 RS_Service (974af42fc1cb6dc35de34109bef80054) C:\Program Files\Acer\Acer VCM\RS_Service.exe
16:57:18.0916 5232 RS_Service - ok
16:57:18.0951 5232 RTL8169 (125c504a34d0a2e152517e342e7e432c) C:\Windows\system32\DRIVERS\Rtlh86.sys
16:57:18.0953 5232 RTL8169 - ok
16:57:18.0971 5232 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
16:57:18.0973 5232 SamSs - ok
16:57:18.0994 5232 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:57:18.0996 5232 sbp2port - ok
16:57:19.0035 5232 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
16:57:19.0039 5232 SCardSvr - ok
16:57:19.0113 5232 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
16:57:19.0121 5232 Schedule - ok
16:57:19.0158 5232 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
16:57:19.0159 5232 SCPolicySvc - ok
16:57:19.0205 5232 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
16:57:19.0207 5232 sdbus - ok
16:57:19.0245 5232 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
16:57:19.0249 5232 SDRSVC - ok
16:57:19.0262 5232 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:57:19.0265 5232 secdrv - ok
16:57:19.0280 5232 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
16:57:19.0284 5232 seclogon - ok
16:57:19.0308 5232 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
16:57:19.0311 5232 SENS - ok
16:57:19.0330 5232 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:57:19.0331 5232 Serenum - ok
16:57:19.0355 5232 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:57:19.0357 5232 Serial - ok
16:57:19.0379 5232 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
16:57:19.0380 5232 sermouse - ok
16:57:19.0417 5232 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
16:57:19.0421 5232 SessionEnv - ok
16:57:19.0435 5232 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
16:57:19.0436 5232 sffdisk - ok
16:57:19.0456 5232 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
16:57:19.0458 5232 sffp_mmc - ok
16:57:19.0470 5232 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
16:57:19.0471 5232 sffp_sd - ok
16:57:19.0498 5232 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
16:57:19.0500 5232 sfloppy - ok
16:57:19.0550 5232 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
16:57:19.0553 5232 SharedAccess - ok
16:57:19.0614 5232 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
16:57:19.0619 5232 ShellHWDetection - ok
16:57:19.0643 5232 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
16:57:19.0645 5232 sisagp - ok
16:57:19.0671 5232 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
16:57:19.0673 5232 SiSRaid2 - ok
16:57:19.0700 5232 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
16:57:19.0702 5232 SiSRaid4 - ok
16:57:20.0062 5232 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
16:57:20.0100 5232 slsvc - ok
16:57:20.0262 5232 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
16:57:20.0267 5232 SLUINotify - ok
16:57:20.0331 5232 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
16:57:20.0335 5232 Smb - ok
16:57:20.0371 5232 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
16:57:20.0375 5232 SNMPTRAP - ok
16:57:20.0408 5232 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
16:57:20.0409 5232 spldr - ok
16:57:20.0462 5232 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
16:57:20.0468 5232 Spooler - ok
16:57:20.0614 5232 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
16:57:20.0632 5232 SRTSP - ok
16:57:20.0660 5232 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
16:57:20.0664 5232 SRTSPX - ok
16:57:20.0726 5232 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
16:57:20.0731 5232 srv - ok
16:57:20.0769 5232 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
16:57:20.0772 5232 srv2 - ok
16:57:20.0815 5232 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
16:57:20.0817 5232 srvnet - ok
16:57:20.0858 5232 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
16:57:20.0863 5232 SSDPSRV - ok
16:57:20.0913 5232 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
16:57:20.0918 5232 SstpSvc - ok
16:57:20.0968 5232 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
16:57:20.0970 5232 StillCam - ok
16:57:21.0041 5232 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
16:57:21.0050 5232 stisvc - ok
16:57:21.0073 5232 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
16:57:21.0077 5232 swenum - ok
16:57:21.0144 5232 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
16:57:21.0151 5232 swprv - ok
16:57:21.0168 5232 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:57:21.0170 5232 Symc8xx - ok
16:57:21.0271 5232 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
16:57:21.0291 5232 SymDS - ok
16:57:21.0404 5232 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
16:57:21.0429 5232 SymEFA - ok
16:57:21.0478 5232 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
16:57:21.0481 5232 SymEvent - ok
16:57:21.0524 5232 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
16:57:21.0536 5232 SymIRON - ok
16:57:21.0602 5232 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
16:57:21.0623 5232 SYMTDIv - ok
16:57:21.0653 5232 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:57:21.0655 5232 Sym_hi - ok
16:57:21.0679 5232 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:57:21.0681 5232 Sym_u3 - ok
16:57:21.0730 5232 SynTP (32e8b307f0e9f72b66b518fd62eab91e) C:\Windows\system32\DRIVERS\SynTP.sys
16:57:21.0734 5232 SynTP - ok
16:57:21.0814 5232 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
16:57:21.0824 5232 SysMain - ok
16:57:21.0851 5232 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
16:57:21.0856 5232 TabletInputService - ok
16:57:21.0911 5232 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
16:57:21.0919 5232 TapiSrv - ok
16:57:21.0938 5232 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
16:57:21.0943 5232 TBS - ok
16:57:22.0063 5232 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
16:57:22.0074 5232 Tcpip - ok
16:57:22.0091 5232 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
16:57:22.0100 5232 Tcpip6 - ok
16:57:22.0141 5232 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
16:57:22.0144 5232 tcpipreg - ok
16:57:22.0179 5232 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
16:57:22.0182 5232 TDPIPE - ok
16:57:22.0208 5232 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
16:57:22.0210 5232 TDTCP - ok
16:57:22.0253 5232 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
16:57:22.0256 5232 tdx - ok
16:57:22.0289 5232 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
16:57:22.0291 5232 TermDD - ok
16:57:22.0379 5232 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
16:57:22.0387 5232 TermService - ok
16:57:22.0449 5232 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
16:57:22.0456 5232 Themes - ok
16:57:22.0477 5232 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:57:22.0480 5232 THREADORDER - ok
16:57:22.0513 5232 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
16:57:22.0517 5232 TrkWks - ok
16:57:22.0577 5232 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
16:57:22.0578 5232 TrustedInstaller - ok
16:57:22.0609 5232 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:57:22.0611 5232 tssecsrv - ok
16:57:22.0636 5232 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
16:57:22.0639 5232 tunmp - ok
16:57:22.0655 5232 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
16:57:22.0658 5232 tunnel - ok
16:57:22.0686 5232 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
16:57:22.0688 5232 uagp35 - ok
16:57:22.0704 5232 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
16:57:22.0705 5232 UBHelper - ok
16:57:22.0761 5232 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
16:57:22.0764 5232 udfs - ok
16:57:22.0790 5232 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
16:57:22.0794 5232 UI0Detect - ok
16:57:22.0819 5232 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
16:57:22.0821 5232 uliagpkx - ok
16:57:22.0866 5232 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
16:57:22.0869 5232 uliahci - ok
16:57:22.0898 5232 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
16:57:22.0900 5232 UlSata - ok
16:57:22.0931 5232 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
16:57:22.0933 5232 ulsata2 - ok
16:57:22.0950 5232 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
16:57:22.0953 5232 umbus - ok
16:57:22.0992 5232 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
16:57:22.0997 5232 upnphost - ok
16:57:23.0042 5232 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
16:57:23.0044 5232 USBAAPL - ok
16:57:23.0092 5232 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
16:57:23.0094 5232 usbaudio - ok
16:57:23.0125 5232 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
16:57:23.0127 5232 usbccgp - ok
16:57:23.0157 5232 USBCCID (32c068eaf37c92d7194eee1faa1e7853) C:\Windows\system32\DRIVERS\usbccid.sys
16:57:23.0159 5232 USBCCID - ok
16:57:23.0183 5232 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
16:57:23.0185 5232 usbcir - ok
16:57:23.0211 5232 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
16:57:23.0213 5232 usbehci - ok
16:57:23.0258 5232 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
16:57:23.0261 5232 usbhub - ok
16:57:23.0282 5232 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
16:57:23.0284 5232 usbohci - ok
16:57:23.0302 5232 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
16:57:23.0303 5232 usbprint - ok
16:57:23.0326 5232 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:57:23.0328 5232 USBSTOR - ok
16:57:23.0346 5232 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:57:23.0348 5232 usbuhci - ok
16:57:23.0389 5232 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
16:57:23.0392 5232 usbvideo - ok
16:57:23.0422 5232 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
16:57:23.0429 5232 UxSms - ok
16:57:23.0499 5232 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
16:57:23.0509 5232 vds - ok
16:57:23.0533 5232 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
16:57:23.0535 5232 vga - ok
16:57:23.0544 5232 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
16:57:23.0549 5232 VgaSave - ok
16:57:23.0570 5232 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
16:57:23.0573 5232 viaagp - ok
16:57:23.0597 5232 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
16:57:23.0600 5232 ViaC7 - ok
16:57:23.0621 5232 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
16:57:23.0623 5232 viaide - ok
16:57:23.0646 5232 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
16:57:23.0648 5232 volmgr - ok
16:57:23.0708 5232 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
16:57:23.0711 5232 volmgrx - ok
16:57:23.0758 5232 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
16:57:23.0760 5232 volsnap - ok
16:57:23.0790 5232 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
16:57:23.0793 5232 vsmraid - ok
16:57:23.0925 5232 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
16:57:23.0941 5232 VSS - ok
16:57:24.0008 5232 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
16:57:24.0015 5232 W32Time - ok
16:57:24.0095 5232 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
16:57:24.0097 5232 WacomPen - ok
16:57:24.0124 5232 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:24.0126 5232 Wanarp - ok
16:57:24.0132 5232 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:24.0134 5232 Wanarpv6 - ok
16:57:24.0189 5232 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
16:57:24.0197 5232 wcncsvc - ok
16:57:24.0226 5232 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
16:57:24.0230 5232 WcsPlugInService - ok
16:57:24.0255 5232 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
16:57:24.0257 5232 Wd - ok
16:57:24.0325 5232 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
16:57:24.0329 5232 Wdf01000 - ok
16:57:24.0356 5232 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:57:24.0360 5232 WdiServiceHost - ok
16:57:24.0365 5232 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:57:24.0372 5232 WdiSystemHost - ok
16:57:24.0427 5232 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
16:57:24.0432 5232 WebClient - ok
16:57:24.0475 5232 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
16:57:24.0480 5232 Wecsvc - ok
16:57:24.0495 5232 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
16:57:24.0499 5232 wercplsupport - ok
16:57:24.0545 5232 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
16:57:24.0549 5232 WerSvc - ok
16:57:24.0631 5232 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
16:57:24.0634 5232 WinDefend - ok
16:57:24.0644 5232 WinHttpAutoProxySvc - ok
16:57:24.0731 5232 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
16:57:24.0733 5232 Winmgmt - ok
16:57:24.0881 5232 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
16:57:24.0895 5232 WinRM - ok
16:57:24.0980 5232 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
16:57:24.0991 5232 Wlansvc - ok
16:57:25.0289 5232 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:57:25.0307 5232 wlidsvc - ok
16:57:25.0508 5232 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:57:25.0510 5232 WmiAcpi - ok
16:57:25.0594 5232 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
16:57:25.0596 5232 wmiApSrv - ok
16:57:25.0730 5232 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:57:25.0739 5232 WMPNetworkSvc - ok
16:57:25.0772 5232 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
16:57:25.0778 5232 WPCSvc - ok
16:57:25.0825 5232 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
16:57:25.0831 5232 WPDBusEnum - ok
16:57:25.0901 5232 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
16:57:25.0903 5232 WpdUsb - ok
16:57:25.0938 5232 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
16:57:25.0940 5232 ws2ifsl - ok
16:57:25.0982 5232 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
16:57:25.0987 5232 wscsvc - ok
16:57:25.0993 5232 WSearch - ok
16:57:26.0229 5232 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
16:57:26.0252 5232 wuauserv - ok
16:57:26.0439 5232 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:57:26.0442 5232 WUDFRd - ok
16:57:26.0478 5232 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
16:57:26.0483 5232 wudfsvc - ok
16:57:26.0644 5232 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:57:26.0651 5232 YahooAUService - ok
16:57:26.0684 5232 MBR (0x1B8) (ef9cdc51b437d322d54016b68f003416) \Device\Harddisk0\DR0
16:57:29.0360 5232 \Device\Harddisk0\DR0 - ok
16:57:29.0391 5232 Boot (0x1200) (ed7101971908ac6d0b68885e3602185b) \Device\Harddisk0\DR0\Partition0
16:57:29.0393 5232 \Device\Harddisk0\DR0\Partition0 - ok
16:57:29.0425 5232 Boot (0x1200) (3714fbd3303369149593c9b48ed00f3e) \Device\Harddisk0\DR0\Partition1
16:57:29.0427 5232 \Device\Harddisk0\DR0\Partition1 - ok
16:57:29.0428 5232 ============================================================
16:57:29.0428 5232 Scan finished
16:57:29.0428 5232 ============================================================
16:57:29.0444 2440 Detected object count: 0
16:57:29.0444 2440 Actual detected object count: 0

I will now download and run the GMER and repost. I am also finding that when I am typing this to you many of the letters are not showing up, so I am having to go back and retype. Not sure why but maybe it is related. Thanks again and I will post new log soon.

#4 narenxp

Posted 03 May 2012 - 07:24 PM

Can you tell me in which browser (Firefox or Internet Explorer) the redirect occurs?

I will wait for the logs :thumbsup:

#5 anglen9

Posted 03 May 2012 - 07:39 PM

I run IE. I tried to run the GMER and a little bit into it I got "fljf5975.exe has stopped working" "windows will close program". I saw that it had stopped at this file \device\harddisk volumeshadowcopy1, then everything shut off and went to the blue reboot screen, but it took forever to reboot. Should I try the GMER again?

#6 anglen9

Posted 03 May 2012 - 07:43 PM

Also, when I clicked the GMER link a window popped up and asked if I trust the site and wanted to continue. I thought I shut all of Norton off for 5 hours but maybe I missed something.

#7 narenxp

Posted 03 May 2012 - 08:25 PM

Disable Norton before running GMER; if that doesn't work, ignore GMER and run aswMBR.

good luck

#8 anglen9

Posted 03 May 2012 - 09:31 PM

OK, the Windows firewall was still running so I shut it off and here is the GMER log.

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-03 19:27:27
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVT-22ZCT0 rev.11.01A11
Running: 2bh7k5ue.exe; Driver: C:\Users\Ansel\AppData\Local\Temp\uwdorpow.sys


---- System - GMER 1.0.15 ----

SSDT 882F1EF0 ZwAlertResumeThread
SSDT 882F1FD0 ZwAlertThread
SSDT 87C29940 ZwAllocateVirtualMemory
SSDT 88EFDA68 ZwAlpcConnectPort
SSDT 87EF14C0 ZwAssignProcessToJobObject
SSDT 882F1C40 ZwCreateMutant
SSDT 87A0CDD0 ZwCreateSymbolicLinkObject
SSDT 87C29E28 ZwCreateThread
SSDT 879FEA80 ZwDebugActiveProcess
SSDT 87C29B10 ZwDuplicateObject
SSDT 87C29760 ZwFreeVirtualMemory
SSDT 882F1D30 ZwImpersonateAnonymousToken
SSDT 882F1E10 ZwImpersonateThread
SSDT 882F16B0 ZwLoadDriver
SSDT 87C29660 ZwMapViewOfSection
SSDT 882F1B40 ZwOpenEvent
SSDT 87C29CF0 ZwOpenProcess
SSDT 87C29A30 ZwOpenProcessToken
SSDT 882F1790 ZwOpenSection
SSDT 87C29C00 ZwOpenThread
SSDT 87A0CF80 ZwProtectVirtualMemory
SSDT 87C290D0 ZwResumeThread
SSDT 87C293B0 ZwSetContextThread
SSDT 87C29490 ZwSetInformationProcess
SSDT 882F15D0 ZwSetSystemInformation
SSDT 882F1A60 ZwSuspendProcess
SSDT 87C291F0 ZwSuspendThread
SSDT 87C29F08 ZwTerminateProcess
SSDT 87C292D0 ZwTerminateThread
SSDT 87C29580 ZwUnmapViewOfSection
SSDT 87C29850 ZwWriteVirtualMemory
SSDT 87A0CEA0 ZwCreateThreadEx

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 824EA8A0 8 Bytes [F0, 1E, 2F, 88, D0, 1F, 2F, ...]
.text ntkrnlpa.exe!KeSetEvent + 131 824EA8B4 4 Bytes [40, 99, C2, 87]
.text ntkrnlpa.exe!KeSetEvent + 13D 824EA8C0 4 Bytes [68, DA, EF, 88]
.text ntkrnlpa.exe!KeSetEvent + 191 824EA914 4 Bytes [C0, 14, EF, 87] {RCL BYTE [EDI+EBP*8], 0x87}
.text ntkrnlpa.exe!KeSetEvent + 1F5 824EA978 4 Bytes [40, 1C, 2F, 88]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\Explorer.EXE[1216] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C5 75EEB37C 4 Bytes [00, 26, 00, 10] {ADD [ESI], AH; ADD [EAX], DL}
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!EnableWindow 7710CD8B 5 Bytes JMP 69B09934 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!DialogBoxParamW 771310B0 5 Bytes JMP 69A6160B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!DialogBoxIndirectParamW 77132EF5 5 Bytes JMP 69C5605E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!DialogBoxParamA 77148152 5 Bytes JMP 69C55FF9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!DialogBoxIndirectParamA 7714847D 5 Bytes JMP 69C560C3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!MessageBoxIndirectA 7715D4D9 5 Bytes JMP 69C55F80 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!MessageBoxIndirectW 7715D5D3 5 Bytes JMP 69C55F07 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!MessageBoxExA 7715D639 5 Bytes JMP 69C55EA3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4936] USER32.dll!MessageBoxExW 7715D65D 5 Bytes JMP 69C55E3F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] ntdll.dll!NtMapViewOfSection 77204974 5 Bytes JMP 0383003A
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] ntdll.dll!NtSetInformationProcess 77205174 5 Bytes JMP 038300F7
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] kernel32.dll!ReadProcessMemory + 3E 769D1CB3 7 Bytes JMP 038301B0
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] kernel32.dll!WriteProcessMemory + 106 769D1DBE 7 Bytes JMP 038303D2
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] kernel32.dll!CreateIoCompletionPort + 52 769F9DA6 7 Bytes JMP 03830488
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] kernel32.dll!VirtualAllocEx + 54 76A1AF70 7 Bytes JMP 0383031C
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] kernel32.dll!CreateThread 76A1CB2E 5 Bytes JMP 69AC723B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] kernel32.dll!GetProcessHandleCount + 35 76A65D4F 7 Bytes JMP 03830266
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!CreateDialogParamW 771072A2 5 Bytes JMP 69C563C8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!GetAsyncKeyState 7710863C 5 Bytes JMP 69AADCCD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!SetWindowsHookExW 771087AD 5 Bytes JMP 69B020C4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!CallNextHookEx 77108E3B 5 Bytes JMP 69B27ACF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!UnhookWindowsHookEx 771098DB 5 Bytes JMP 69B4EA88 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!EnableWindow 7710CD8B 5 Bytes JMP 69B09934 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!DefWindowProcA 7710DB88 7 Bytes JMP 69AC9465 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!CreateWindowExA 7710DC2A 5 Bytes JMP 69AD3293 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!CreateWindowExW 77111305 5 Bytes JMP 69B2FEAF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!GetKeyState 77118CB1 5 Bytes JMP 69AADBA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!DefWindowProcW 771203B4 7 Bytes JMP 69B27B32 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!IsDialogMessageW 77120745 5 Bytes JMP 69C56B23 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!CreateDialogParamA 771217AA 5 Bytes JMP 69C56390 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!IsDialogMessage 77121847 5 Bytes JMP 69C56AFB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!CreateDialogIndirectParamA 771226F1 5 Bytes JMP 69C56400 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!CreateDialogIndirectParamW 77129A62 5 Bytes JMP 69C56438 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!SetKeyboardState 77130987 5 Bytes JMP 69C573E9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!DialogBoxParamW 771310B0 5 Bytes JMP 69A6160B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!DialogBoxIndirectParamW 77132EF5 5 Bytes JMP 69C5605E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!SendInput 77132F75 5 Bytes JMP 69C57391 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!EndDialog 7713326E 5 Bytes JMP 69C56DCF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!SetCursorPos 77146FB2 5 Bytes JMP 69C5746A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!DialogBoxParamA 77148152 5 Bytes JMP 69C55FF9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!DialogBoxIndirectParamA 7714847D 5 Bytes JMP 69C560C3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!MessageBoxIndirectA 7715D4D9 5 Bytes JMP 69C55F80 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!MessageBoxIndirectW 7715D5D3 5 Bytes JMP 69C55F07 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!MessageBoxExA 7715D639 5 Bytes JMP 69C55EA3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!MessageBoxExW 7715D65D 5 Bytes JMP 69C55E3F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] USER32.dll!keybd_event 7715D972 5 Bytes JMP 69C5734E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] SHELL32.dll!SHRestricted + D95 75F389A8 4 Bytes [CF, 01, FA, 65]
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] SHELL32.dll!SHRestricted + D9D 75F389B0 8 Bytes [E0, 61, F9, 65, 79, F7, F9, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] ole32.dll!OleLoadFromStream 75B51E80 5 Bytes JMP 69C5682D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] ole32.dll!CoGetTreatAsClass + D2F 75B6FAE3 7 Bytes JMP 0383053E
.text C:\Program Files\Internet Explorer\iexplore.exe[5016] ole32.dll!CoCreateInstance + 3E 75B89F7C 7 Bytes JMP 038305F8

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73CC7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73D1A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73CCBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73CBF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73CC75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73CBE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73CF8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73CCDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73CBFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73CBFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73CB71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73D4CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73CEC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73CBD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73CB6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73CB687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73CC2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [100027E0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001D90] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[1216] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [65FA029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [65F95EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [65FABC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [65FAE089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [65FAC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [65FA7F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [65FAF500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [65FAF94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [65FB07CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [65FAFCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [65F96D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [65F963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [65FAB56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [65F94E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [65FAABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [65FA1555] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [65FA0E28] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [65F960B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [65F97278] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [65FB33C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [65FA19CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [65F96692] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [65F95EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [65F96D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [65FABC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [65F94E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [65F963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [65FA029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [65FAC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [65FAF94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [65FAF9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [65FB072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [65FAFCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [65FB07CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [65FA0ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [65FAEFD7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [65FA9229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [65FAE73F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [65FAECFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [65FAC6B1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [65F95F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [65FAF500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [65FA939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [65F96291] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [65FAC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [65FAE089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [65FAEE67] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [65FADFBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [65F96D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [65FA7BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [65FA7F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [65F9F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [65F963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [65F94E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [65F94E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [65FAE457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [65FAB56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [65FAABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [65FAAA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [65FAC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [65F95EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [65FA939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [65F963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [65FAFCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [65FB07CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [65FA029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [65F95F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [65FA9229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [65F9F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [65FAF9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [65FB072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [65FAF94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [65FAF2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [65FA0ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [65F96D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [65FAD6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [65FAD557] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [65F96692] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [65FB2FB4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [65FB327D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [65FB3B2F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [65F9EEBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [65FA19CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [65F960B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [65FA0859] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [65FB3983] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [65FB33C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [65FA1555] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [65F97278] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [65FA0E28] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [65FB3E89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [65F9F30B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [65FB3FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [65FB3D27] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [65F9FCC5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [65FAA56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [65FB07CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [65FAE457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [65FAA89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [65FAB245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [65FAB56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [65FAC49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [65FAF500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [65FABC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [65FA9F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [65F95EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [65FA7F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [65FAE089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [65FAFCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [65FAF94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [65FA9AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [65FA0ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [65FA029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [65FAA249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [65FAABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [65FAEE67] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [65F96291] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [65FAC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [65FA939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [65F95F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [65FAE0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [65FA9C69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [65F94E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [65F963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [65FA968F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [65F96D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [65FA997F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [65FACB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [65FAD6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [65FAD11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [65FB0DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [65F9F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [65F9F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [65FB0D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [65FB1F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [65FB1095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [65F9FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [65FB12D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [65F9FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [65FB1542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [65FB1590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [65FB1C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [65FB1191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [65FB1BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [65FB19EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [65F9E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [65FB1B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [65FB136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [65FB162F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [65FB1284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [65FB194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [65FB0F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [65FB2769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [65FB2937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [65F97430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [65FA0178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [65F9FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [65F94984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [65FB140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [65FB17B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [65FB171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [65FB1CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [65FB18A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [65F9FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [65F95D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [65F94927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [65FB0F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [65FB2028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [65FB2B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [65FB20D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [65FB218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [65FA0123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [65FB1F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [65FA8C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [65FAF94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [65FAFCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [65F95EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [65FA029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [65FA7F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [65FAC811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [65FA9C69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [65FA968F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [65F963E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [65F94E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [65F95F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [65F96D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [65F9F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [65FB1F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [65FB2028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [65FB2B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [65FB2B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [65FA0178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [65F964C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [65F94CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [65F94927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [65F94984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [65F96528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5016] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [65F947BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----

Now I will do the aswMBR as requested.

#9 anglen9

Posted 03 May 2012 - 10:18 PM

narenxp,
Here is the aswMBR log. Please let me know what to do next, thanks.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-03 19:32:09
-----------------------------
19:32:09.187 OS Version: Windows 6.0.6002 Service Pack 2
19:32:09.188 Number of processors: 2 586 0x170A
19:32:09.188 ComputerName: ANSEL-PC UserName: Ansel
19:32:11.346 Initialize success
19:32:42.568 AVAST engine defs: 12050301
19:32:50.377 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:32:50.380 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3
19:32:50.591 Disk 0 MBR read successfully
19:32:50.596 Disk 0 MBR scan
19:32:50.604 Disk 0 unknown MBR code
19:32:50.608 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
19:32:50.658 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 146477 MB offset 25174016
19:32:50.759 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 146475 MB offset 325158912
19:32:50.832 Disk 0 scanning sectors +625139712
19:32:51.539 Disk 0 scanning C:\Windows\system32\drivers
19:34:28.576 Service scanning
19:34:54.047 Modules scanning
19:37:00.204 Disk 0 trace - called modules:
19:37:00.664 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
19:37:00.671 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85edfac8]
19:37:00.678 3 CLASSPNP.SYS[8a7a08b3] -> nt!IofCallDriver -> [0x84f11c10]
19:37:00.685 5 acpi.sys[806936bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84f11030]
19:37:02.028 AVAST engine scan C:\Windows
19:38:04.493 AVAST engine scan C:\Windows\system32
19:42:34.214 AVAST engine scan C:\Windows\system32\drivers
19:43:14.181 AVAST engine scan C:\Users\Ansel
19:43:17.051 File: C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\dyddza.dll **INFECTED** Win32:Malware-gen
19:43:17.192 File: C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\xdlqzl.dll **INFECTED** Win32:Malware-gen
20:03:19.790 AVAST engine scan C:\ProgramData
20:14:41.064 Scan finished successfully
20:15:13.738 Disk 0 MBR has been saved successfully to "C:\Users\Ansel\Desktop\MBR.dat"
20:15:13.747 The log file has been saved successfully to "C:\Users\Ansel\Desktop\aswMBR.txt"

#10 narenxp

Posted 03 May 2012 - 11:29 PM

C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\dyddza.dll **INFECTED** Win32:Malware-gen
19:43:17.192 File: C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\xdlqzl.dll **INFECTED** Win32:Malware-gen


These two files were responsible for the Happili redirect.

Press the Windows+R key, type notepad and click OK.

Now copy this script
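@echo off
rem Force-delete the two DLLs that aswMBR flagged as infected
del /f /s /q "C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\dyddza.dll"
del /f /s /q "C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\xdlqzl.dll"
rem Delete this batch file itself once it has run
del "%~f0"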

Save it as Remove.bat

Run the bat file

Post the new aswmbr log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Let me know if you still face redirects

good luck

#11 anglen9

Posted 04 May 2012 - 08:43 PM

Here is my next log.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-04 16:22:31
-----------------------------
16:22:31.893 OS Version: Windows 6.0.6002 Service Pack 2
16:22:31.893 Number of processors: 2 586 0x170A
16:22:31.896 ComputerName: ANSEL-PC UserName: Ansel
16:22:34.072 Initialize success
16:22:40.348 AVAST engine defs: 12050301
16:23:22.485 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:23:22.489 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3
16:23:22.773 Disk 0 MBR read successfully
16:23:22.776 Disk 0 MBR scan
16:23:22.783 Disk 0 unknown MBR code
16:23:22.857 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
16:23:22.890 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 146477 MB offset 25174016
16:23:22.924 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 146475 MB offset 325158912
16:23:22.945 Disk 0 scanning sectors +625139712
16:23:23.349 Disk 0 scanning C:\Windows\system32\drivers
16:24:40.005 Service scanning
16:25:05.494 Modules scanning
16:27:06.803 Disk 0 trace - called modules:
16:27:07.293 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
16:27:07.302 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85edfac8]
16:27:07.311 3 CLASSPNP.SYS[8a7a08b3] -> nt!IofCallDriver -> [0x84f11c10]
16:27:07.321 5 acpi.sys[806936bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84f11030]
16:27:14.583 AVAST engine scan C:\Windows
16:29:52.932 AVAST engine scan C:\Windows\system32
16:58:46.441 AVAST engine scan C:\Windows\system32\drivers
17:03:38.847 AVAST engine scan C:\Users\Ansel
17:04:02.278 File: C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\xdlqzl.dll **INFECTED** Win32:Malware-gen
18:15:30.978 AVAST engine scan C:\ProgramData
18:34:17.414 Scan finished successfully
18:41:58.128 Disk 0 MBR has been saved successfully to "C:\Users\Ansel\Desktop\MBR.dat"
18:41:58.136 The log file has been saved successfully to "C:\Users\Ansel\Desktop\aswMBR.2.txt"


Now I will do the next step.
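
An added example, not part of the original thread: a Python script that parses two aswMBR logs and reports which flagged files were removed and which persist between runs, as happened here with xdlqzl.dll after Remove.bat. The log excerpts are copied from the two logs posted above; the function and variable names are this example's own.

```python
import re
from dataclasses import dataclass

# Matches aswMBR detection lines of the form:
#   HH:MM:SS.mmm File: <path> **INFECTED** <detection name>
DETECTION_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{3})\s+File:\s+(?P<path>.+?)\s+"
    r"\*\*(?P<verdict>[A-Z]+)\*\*\s+(?P<name>\S+)\s*$"
)
RUN_DATE_RE = re.compile(
    r"^Run date:\s+(?P<date>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})"
)


@dataclass(frozen=True)
class Detection:
    time: str
    path: str
    verdict: str
    name: str


def parse_aswmbr(text):
    """Return (run_date, [Detection, ...]) from the text of one aswMBR log."""
    run_date = None
    detections = []
    for line in text.splitlines():
        line = line.strip()
        m = RUN_DATE_RE.match(line)
        if m:
            run_date = m.group("date")
            continue
        m = DETECTION_RE.match(line)
        if m:
            detections.append(Detection(**m.groupdict()))
    return run_date, detections


def compare_runs(before_text, after_text):
    """Classify flagged paths as removed, persisting or new between two runs."""
    _, before = parse_aswmbr(before_text)
    _, after = parse_aswmbr(after_text)
    # Windows paths are case-insensitive, so compare on a lower-cased key.
    b = {d.path.lower(): d for d in before}
    a = {d.path.lower(): d for d in after}
    return {
        "removed": sorted(b[k].path for k in b.keys() - a.keys()),
        "persisting": sorted(a[k].path for k in a.keys() & b.keys()),
        "new": sorted(a[k].path for k in a.keys() - b.keys()),
    }


# Excerpts from the two aswMBR logs posted in this thread.
LOG_BEFORE = r"""
Run date: 2012-05-03 19:32:09
19:43:14.181 AVAST engine scan C:\Users\Ansel
19:43:17.051 File: C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\dyddza.dll **INFECTED** Win32:Malware-gen
19:43:17.192 File: C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\xdlqzl.dll **INFECTED** Win32:Malware-gen
20:14:41.064 Scan finished successfully
"""

LOG_AFTER = r"""
Run date: 2012-05-04 16:22:31
17:03:38.847 AVAST engine scan C:\Users\Ansel
17:04:02.278 File: C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\xdlqzl.dll **INFECTED** Win32:Malware-gen
18:34:17.414 Scan finished successfully
"""

if __name__ == "__main__":
    for status, paths in compare_runs(LOG_BEFORE, LOG_AFTER).items():
        for path in paths:
            print(f"{status:10} {path}")
```

A path listed as persisting is one the cleanup step did not remove, so it needs a follow-up action before the machine is treated as clean.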

#12 anglen9

Posted 05 May 2012 - 09:20 AM

narenxp,
Well, I have completed all of the scans and everything is coming back clean now and I no longer have the redirect issues. I really appreciate all of your help with this issue. MBAM has 3 items in quarantine now, so should I leave them there or delete them, as it gives me the option? I am quite impressed with how you know all this stuff and are willing to help someone you don't even know fix their problems. I can't thank you enough for taking time from your day to help me. Have a great day.

#13 narenxp

Posted 05 May 2012 - 10:13 AM

Appreciate your feedback. Please post the logs so that I can verify that your PC is clean :thumbup2:

Edited by narenxp, 05 May 2012 - 12:40 PM.


#14 anglen9

Posted 05 May 2012 - 12:32 PM

There were no logs for ESET; it found nothing. The MiniToolBox logs:

Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/04/2012 08:17:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2012 08:14:25 PM) (Source: IDVault) (User: )
Description: IsIDVaultAlreadyRunning failed Only part of a ReadProcessMemory or WriteProcessMemory request was completed at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32 processId, Boolean firstModuleOnly)
at System.Diagnostics.NtProcessManager.GetFirstModuleInfo(Int32 processId)
at System.Diagnostics.Process.get_MainModule()
at (Object )
at ?.?.()

Error: (05/04/2012 08:11:36 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16421, time stamp 0x4d76255d, faulting module IEFRAME.dll, version 9.0.8112.16437, time stamp 0x4e5eeecc, exception code 0xc0000005, fault offset 0x000fc7af,
process id 0xce4, application start time 0xiexplore.exe0.

Error: (05/04/2012 06:51:06 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16421, time stamp 0x4d76255d, faulting module IEFRAME.dll, version 9.0.8112.16437, time stamp 0x4e5eeecc, exception code 0xc0000005, fault offset 0x000fc7af,
process id 0x1398, application start time 0xiexplore.exe0.

Error: (05/04/2012 06:47:35 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16421, time stamp 0x4d76255d, faulting module IEFRAME.dll, version 9.0.8112.16437, time stamp 0x4e5eeecc, exception code 0xc0000005, fault offset 0x000fc7af,
process id 0x1398, application start time 0xiexplore.exe0.

Error: (05/04/2012 06:46:44 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16421, time stamp 0x4d76255d, faulting module OLEAUT32.dll, version 6.0.6002.18508, time stamp 0x4e5674e4, exception code 0xc0000005, fault offset 0x0001fd17,
process id 0x1348, application start time 0xiexplore.exe0.

Error: (05/03/2012 06:45:24 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (05/03/2012 06:35:37 PM) (Source: Application Error) (User: )
Description: Faulting application 5r2i26rl.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, faulting module 5r2i26rl.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, exception code 0xc0000005, fault offset 0x0000c676,
process id 0x3c4, application start time 0x5r2i26rl.exe0.

Error: (05/03/2012 06:30:03 PM) (Source: Application Hang) (User: )
Description: The program ccSvcHst.exe version 10.1.1.16 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: d80
Start Time: 01cd298d62a75b93
Termination Time: 41

Error: (05/03/2012 05:34:10 PM) (Source: Application Error) (User: )
Description: Faulting application AdobeARM.exe, version 1.5.7.0, time stamp 0x4f02b014, faulting module GIDBIN1.dll, version 3.0.0.168, time stamp 0x4e131a5e, exception code 0xc0000417, fault offset 0x00018b2a,
process id 0xa8c, application start time 0xAdobeARM.exe0.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (01/10/2012 01:02:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/13/2011 09:42:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 7.1.4)
Acer Arcade Deluxe (Version: 2.0.5817)
Acer Assist
Acer Crystal Eye Webcam 2.0.7 (Version: 2.0.7)
Acer eDataSecurity Management (Version: 3.0.3065)
Acer Empowering Technology (Version: 3.0.3013)
Acer ePower Management (Version: 3.0.3016)
Acer eRecovery Management (Version: 3.0.3014)
Acer eSettings Management (Version: 3.0.3011)
Acer GridVista (Version: 2.72.317)
Acer Mobility Center Plug-In (Version: 3.0.3000)
Acer Registration
Acer ScreenSaver (Version: 1.11.0506)
Acer VCM (Version: 3.2.3002)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
ActivClient CAC 6.1 x86 (Version: 6.01.00033)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader 9.5.0 (Version: 9.5.0)
Agere Systems HDA Modem
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.2)
BufferChm (Version: 140.0.212.000)
C:\Program Files\Acer GameZone\GameConsole (Version: 2.0.1.4)
Carbonite Online Backup Setup (Version: 3.7.0)
Constant Guard Protection Suite (Version: 1.1.329.0)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink PowerDirector (Version: 6.5.3524)
D110 (Version: 140.0.283.000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.3.000223)
Full Tilt Poker.Net (Version: 4.26.5.WIN.FullTilt.NET)
GIMP 2.6.7
Google Chrome (Version: 18.0.1025.168)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 140.0.211.000)
GuardedID (Version: 0.03.1038)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPAppStudio (Version: 140.0.95.000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
JMicron JMB38X Flash Media Controller (Version: 1.00.14.03)
Junk Mail filter update (Version: 15.4.3502.0922)
jZip
Launch Manager
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Standard 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
MobileMe Control Panel (Version: 3.1.6.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MySpaceIM (Version: 1.0.823.0)
Network (Version: 140.0.215.000)
Norton Security Suite (Version: 5.2.1.3)
NTI Backup Now 5 (Version: 5.1.2.616)
NTI Backup Now Standard (Version: 5.1.2.616)
NTI Media Maker 8 (Version: 8.0.2.6509)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PhotoNow! (Version: 1.1.5203)
PokerStars
PokerStars.net
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickTime (Version: 7.70.80.34)
QuickTransfer (Version: 140.0.98.000)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5648)
Safari (Version: 5.34.50.0)
Scan (Version: 140.0.80.000)
Segoe UI (Version: 15.4.2271.0615)
Shop for HP Supplies (Version: 14.0)
ShopAtHome.com Toolbar
Skype 4.0 (Version: 4.0.224)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Status (Version: 140.0.256.000)
Synaptics Pointing Device Driver (Version: 11.0.2.0)
Tango (Version: 1.6.14117)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
WebReg (Version: 140.0.212.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinZip 15.0 (Version: 15.0.9334)
XFINITY Toolbar (Version: 3.5.1.13)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 3001.27 MB
Available physical RAM: 1466.21 MB
Total Pagefile: 6222.8 MB
Available Pagefile: 4313.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.57 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:143.04 GB) (Free:84.41 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:143.04 GB) (Free:142.95 GB) NTFS

========================= Users: ========================================

User accounts for \\ANSEL-PC

Administrator Ansel Guest


**** End of log ****

#15 narenxp

Posted 05 May 2012 - 12:57 PM

Browse to this location and see if you can delete this file manually

C:\Users\Ansel\AppData\Local\Adobe\Acer Arcade Deluxe\xdlqzl.dll

good luck

Edited by narenxp, 05 May 2012 - 12:57 PM.




