Night_Raven Публикувано Юли 28, 2011 Report Share Публикувано Юли 28, 2011 http://i.imgur.com/RMNY1.png Цитирай Link to comment Сподели другаде More sharing options...
axl_rose Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 Да разбрах те правилно,но при мен не излиза така...снимах го но не мога да разбера как да ти я пратя... Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 А съгласи ли се aswMBR да изтегли дефинициите на avast! при стартирането си? Цитирай Link to comment Сподели другаде More sharing options...
axl_rose Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 ДА Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 Изтегли GMER. Разархивирай, ако е в архив. Стартирай я. Тя ще направи начално сканиране за секунди. След като то приключи кликни бутон Scan, изчакай да сканира, кликни бутон Copy и после постави съдържанието тук (Ctrl+V). Цитирай Link to comment Сподели другаде More sharing options...
axl_rose Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 Това е: GMER 1.0.15.15641 - http://www.gmer.netRootkit scan 2011-07-29 16:32:50Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 ST9250827AS rev.3.AAARunning: gmer.exe; Driver: C:\Users\BG\AppData\Local\Temp\pxldqpoc.sys ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKey + 13C1 82C4D339 1 Byte [06].text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C86D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}.text sptd.sys 886B5000 8 Bytes [34, E2, 02, 83, A0, 47, 02, ...] {XOR AL, 0xe2; ADD AL, [EBX-0x7cfdb860]}.text sptd.sys 886B5009 23 Bytes [47, 02, 83, 48, 6B, 02, 83, ...].text sptd.sys 886B5024 4 Bytes [44, 45, 7E, 88] {INC ESP; INC EBP; JLE 0xffffffffffffff8c}.text sptd.sys 886B502C 100 Bytes [99, 45, E7, 82, D2, 08, DF, ...].text sptd.sys 886B5091 87 Bytes [b5, C4, 82, 1A, 65, C4, 82, ...].text ... .sptd2 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd2" section [0x887ACD38]? C:\Windows\System32\Drivers\sptd.sys The process cannot access the file because it is being used by another process..text USBPORT.SYS!DllUnload 8E851DB9 5 Bytes JMP 860261D8 ? C:\Users\BG\AppData\Local\Temp\aswMBR.sys The system cannot find the file specified. ! ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!EnableWindow 75A78D02 5 Bytes JMP 67BEA83D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!GetAsyncKeyState 75A7A256 5 Bytes JMP 67BEB1EE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!CallNextHookEx 75A7ABE1 5 Bytes JMP 67C33CA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!UnhookWindowsHookEx 75A7ADF9 5 Bytes JMP 67CED99B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!SetWindowsHookExW 75A7E30C 5 Bytes JMP 67C87DD1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!CreateWindowExW 75A7EC7C 5 Bytes JMP 67CC3894 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!GetKeyState 75A82B4D 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!GetKeyState 75A82B4D 5 Bytes JMP 67BF0F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!IsDialogMessageW 75A84104 5 Bytes JMP 67BEAD96 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!CreateDialogParamA 75A91F42 5 Bytes JMP 67DFEA1F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!IsDialogMessage 75A92019 5 Bytes JMP 67DFE259 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!TrackPopupMenu 75A92228 5 Bytes JMP 038B4870 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!DialogBoxParamW 75A93B9B 5 Bytes JMP 038B5270 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!CreateDialogIndirectParamA 75A9721D 5 Bytes JMP 67DFEA8D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!CreateDialogIndirectParamW 75A9EA10 5 Bytes JMP 67DFEAC4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!DialogBoxIndirectParamW 75AA3B7F 5 Bytes JMP 67DFDDA0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!EndDialog 75AA3BA3 5 Bytes JMP 67BEAFEC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!TrackPopupMenuEx 75AA4832 5 Bytes JMP 038B49D0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!CreateDialogParamW 75AA5630 5 Bytes JMP 038B50F0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!SetKeyboardState 75AA695A 5 Bytes JMP 67DFE5BE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!SendInput 75AA7019 5 Bytes JMP 67DFF1E4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!SetCursorPos 75ABC1B0 5 Bytes JMP 67DFF23C C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!DialogBoxParamA 75ABCF42 5 Bytes JMP 67DFDD3D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!DialogBoxIndirectParamA 75ABD274 5 Bytes JMP 67DFDE03 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!MessageBoxIndirectA 75ACE869 5 Bytes JMP 67DFDCD2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!MessageBoxIndirectW 75ACE963 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!MessageBoxIndirectW 75ACE963 5 Bytes JMP 67DFDC67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!MessageBoxExA 75ACE9C9 5 Bytes JMP 67DFDC05 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!MessageBoxExW 75ACE9ED 5 Bytes JMP 67DFDBA3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] USER32.dll!keybd_event 75ACEC3B 5 Bytes JMP 67DFF56F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!DllRegisterServer + 577 75FD9FB4 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!DllRegisterServer + 57F 75FD9FBC 4 Bytes [F3, 34, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!DllRegisterServer + 59B 75FD9FD8 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!DllRegisterServer + 5A3 75FD9FE0 4 Bytes [F3, 34, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!DllRegisterServer + 803 75FDA240 4 Bytes [A5, 35, A3, 6F].text ... .text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!RealDriveType + 1601 75FDFCD4 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!RealDriveType + 1609 75FDFCDC 4 Bytes [F3, 34, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!RealDriveType + 173D 75FDFE10 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!RealDriveType + 1745 75FDFE18 8 Bytes [F3, 34, A3, 6F, 17, 73, A2, ...].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!RealDriveType + 1EAD 75FE0580 4 Bytes [A5, 35, A3, 6F].text ... .text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!ILClone + 135 75FE1818 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] SHELL32.dll!ILClone + 13D 75FE1820 4 Bytes [F3, 34, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[1312] ole32.dll!OleLoadFromStream 75756143 5 Bytes JMP 67DFE0FE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[1312] ole32.dll!CoCreateInstance 75799D0B 5 Bytes JMP 67CC3422 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!CreateWindowExW 75A7EC7C 5 Bytes JMP 67CC3894 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!DialogBoxParamW 75A93B9B 5 Bytes JMP 67BF7F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!DialogBoxIndirectParamW 75AA3B7F 5 Bytes JMP 67DFDDA0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!DialogBoxParamA 75ABCF42 5 Bytes JMP 67DFDD3D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!DialogBoxIndirectParamA 75ABD274 5 Bytes JMP 67DFDE03 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!MessageBoxIndirectA 75ACE869 5 Bytes JMP 67DFDCD2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!MessageBoxIndirectW 75ACE963 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!MessageBoxIndirectW 75ACE963 5 Bytes JMP 67DFDC67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!MessageBoxExA 75ACE9C9 5 Bytes JMP 67DFDC05 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[3500] USER32.dll!MessageBoxExW 75ACE9ED 5 Bytes JMP 67DFDBA3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!EnableWindow 75A78D02 5 Bytes JMP 67BEA83D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!GetAsyncKeyState 75A7A256 5 Bytes JMP 67BEB1EE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!CallNextHookEx 75A7ABE1 5 Bytes JMP 67C33CA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!UnhookWindowsHookEx 75A7ADF9 5 Bytes JMP 67CED99B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!SetWindowsHookExW 75A7E30C 5 Bytes JMP 67C87DD1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!CreateWindowExW 75A7EC7C 5 Bytes JMP 67CC3894 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!GetKeyState 75A82B4D 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!GetKeyState 75A82B4D 5 Bytes JMP 67BF0F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!IsDialogMessageW 75A84104 5 Bytes JMP 67BEAD96 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!CreateDialogParamA 75A91F42 5 Bytes JMP 67DFEA1F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!IsDialogMessage 75A92019 5 Bytes JMP 67DFE259 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!TrackPopupMenu 75A92228 5 Bytes JMP 04A24870 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!DialogBoxParamW 75A93B9B 5 Bytes JMP 04A25270 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!CreateDialogIndirectParamA 75A9721D 5 Bytes JMP 67DFEA8D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!CreateDialogIndirectParamW 75A9EA10 5 Bytes JMP 67DFEAC4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!DialogBoxIndirectParamW 75AA3B7F 5 Bytes JMP 67DFDDA0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!EndDialog 75AA3BA3 5 Bytes JMP 67BEAFEC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!TrackPopupMenuEx 75AA4832 5 Bytes JMP 04A249D0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!CreateDialogParamW 75AA5630 5 Bytes JMP 04A250F0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!SetKeyboardState 75AA695A 5 Bytes JMP 67DFE5BE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!SendInput 75AA7019 5 Bytes JMP 67DFF1E4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!SetCursorPos 75ABC1B0 5 Bytes JMP 67DFF23C C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!DialogBoxParamA 75ABCF42 5 Bytes JMP 67DFDD3D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!DialogBoxIndirectParamA 75ABD274 5 Bytes JMP 67DFDE03 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!MessageBoxIndirectA 75ACE869 5 Bytes JMP 67DFDCD2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!MessageBoxIndirectW 75ACE963 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!MessageBoxIndirectW 75ACE963 5 Bytes JMP 67DFDC67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!MessageBoxExA 75ACE9C9 5 Bytes JMP 67DFDC05 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!MessageBoxExW 75ACE9ED 5 Bytes JMP 67DFDBA3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] USER32.dll!keybd_event 75ACEC3B 5 Bytes JMP 67DFF56F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] SHELL32.dll!RealDriveType + 3E9 75FDEABC 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[4840] SHELL32.dll!RealDriveType + 3F1 75FDEAC4 4 Bytes [F3, 34, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[4840] SHELL32.dll!RealDriveType + 173D 75FDFE10 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[4840] SHELL32.dll!RealDriveType + 1745 75FDFE18 8 Bytes [F3, 34, A3, 6F, 17, 73, A2, ...].text C:\Program Files\Internet Explorer\iexplore.exe[4840] SHELL32.dll!RealDriveType + 1B39 75FE020C 4 Bytes [A5, 35, A3, 6F].text ... .text C:\Program Files\Internet Explorer\iexplore.exe[4840] ole32.dll!OleLoadFromStream 75756143 5 Bytes JMP 67DFE0FE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[4840] ole32.dll!CoCreateInstance 75799D0B 5 Bytes JMP 67CC3422 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!EnableWindow 75A78D02 5 Bytes JMP 67BEA83D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!GetAsyncKeyState 75A7A256 5 Bytes JMP 67BEB1EE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!CallNextHookEx 75A7ABE1 5 Bytes JMP 67C33CA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!UnhookWindowsHookEx 75A7ADF9 5 Bytes JMP 67CED99B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!SetWindowsHookExW 75A7E30C 5 Bytes JMP 67C87DD1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!CreateWindowExW 75A7EC7C 5 Bytes JMP 67CC3894 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!GetKeyState 75A82B4D 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!GetKeyState 75A82B4D 5 Bytes JMP 67BF0F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!IsDialogMessageW 75A84104 5 Bytes JMP 67BEAD96 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!CreateDialogParamA 75A91F42 5 Bytes JMP 67DFEA1F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!IsDialogMessage 75A92019 5 Bytes JMP 67DFE259 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!TrackPopupMenu 75A92228 5 Bytes JMP 04944870 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!DialogBoxParamW 75A93B9B 5 Bytes JMP 04945270 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!CreateDialogIndirectParamA 75A9721D 5 Bytes JMP 67DFEA8D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!CreateDialogIndirectParamW 75A9EA10 5 Bytes JMP 67DFEAC4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!DialogBoxIndirectParamW 75AA3B7F 5 Bytes JMP 67DFDDA0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!EndDialog 75AA3BA3 5 Bytes JMP 67BEAFEC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!TrackPopupMenuEx 75AA4832 5 Bytes JMP 049449D0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!CreateDialogParamW 75AA5630 5 Bytes JMP 049450F0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!SetKeyboardState 75AA695A 5 Bytes JMP 67DFE5BE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!SendInput 75AA7019 5 Bytes JMP 67DFF1E4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!SetCursorPos 75ABC1B0 5 Bytes JMP 67DFF23C C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!DialogBoxParamA 75ABCF42 5 Bytes JMP 67DFDD3D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!DialogBoxIndirectParamA 75ABD274 5 Bytes JMP 67DFDE03 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!MessageBoxIndirectA 75ACE869 5 Bytes JMP 67DFDCD2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!MessageBoxIndirectW 75ACE963 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!MessageBoxIndirectW 75ACE963 5 Bytes JMP 67DFDC67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!MessageBoxExA 75ACE9C9 5 Bytes JMP 67DFDC05 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!MessageBoxExW 75ACE9ED 5 Bytes JMP 67DFDBA3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] USER32.dll!keybd_event 75ACEC3B 5 Bytes JMP 67DFF56F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] SHELL32.dll!RealDriveType + 3E9 75FDEABC 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[5024] SHELL32.dll!RealDriveType + 3F1 75FDEAC4 4 Bytes [F3, 34, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[5024] SHELL32.dll!RealDriveType + 173D 75FDFE10 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[5024] SHELL32.dll!RealDriveType + 1745 75FDFE18 8 Bytes [F3, 34, A3, 6F, 17, 73, A2, ...].text C:\Program Files\Internet Explorer\iexplore.exe[5024] SHELL32.dll!RealDriveType + 1B39 75FE020C 4 Bytes [A5, 35, A3, 6F].text ... .text C:\Program Files\Internet Explorer\iexplore.exe[5024] ole32.dll!OleLoadFromStream 75756143 5 Bytes JMP 67DFE0FE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5024] ole32.dll!CoCreateInstance 75799D0B 5 Bytes JMP 67CC3422 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!EnableWindow 75A78D02 5 Bytes JMP 67BEA83D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!GetAsyncKeyState 75A7A256 5 Bytes JMP 67BEB1EE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!CallNextHookEx 75A7ABE1 5 Bytes JMP 67C33CA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!UnhookWindowsHookEx 75A7ADF9 5 Bytes JMP 67CED99B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!SetWindowsHookExW 75A7E30C 5 Bytes JMP 67C87DD1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!CreateWindowExW 75A7EC7C 5 Bytes JMP 67CC3894 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!GetKeyState 75A82B4D 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!GetKeyState 75A82B4D 5 Bytes JMP 67BF0F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!IsDialogMessageW 75A84104 5 Bytes JMP 67BEAD96 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!CreateDialogParamA 75A91F42 5 Bytes JMP 67DFEA1F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!IsDialogMessage 75A92019 5 Bytes JMP 67DFE259 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!TrackPopupMenu 75A92228 5 Bytes JMP 048E4870 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!DialogBoxParamW 75A93B9B 5 Bytes JMP 048E5270 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!CreateDialogIndirectParamA 75A9721D 5 Bytes JMP 67DFEA8D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!CreateDialogIndirectParamW 75A9EA10 5 Bytes JMP 67DFEAC4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!DialogBoxIndirectParamW 75AA3B7F 5 Bytes JMP 67DFDDA0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!EndDialog 75AA3BA3 5 Bytes JMP 67BEAFEC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!TrackPopupMenuEx 75AA4832 5 Bytes JMP 048E49D0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!CreateDialogParamW 75AA5630 5 Bytes JMP 048E50F0 C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!SetKeyboardState 75AA695A 5 Bytes JMP 67DFE5BE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!SendInput 75AA7019 5 Bytes JMP 67DFF1E4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!SetCursorPos 75ABC1B0 5 Bytes JMP 67DFF23C C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!DialogBoxParamA 75ABCF42 5 Bytes JMP 67DFDD3D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!DialogBoxIndirectParamA 75ABD274 5 Bytes JMP 67DFDE03 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!MessageBoxIndirectA 75ACE869 5 Bytes JMP 67DFDCD2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!MessageBoxIndirectW 75ACE963 1 Byte [E9].text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!MessageBoxIndirectW 75ACE963 5 Bytes JMP 67DFDC67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!MessageBoxExA 75ACE9C9 5 Bytes JMP 67DFDC05 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!MessageBoxExW 75ACE9ED 5 Bytes JMP 67DFDBA3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] USER32.dll!keybd_event 75ACEC3B 5 Bytes JMP 67DFF56F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] SHELL32.dll!RealDriveType + 173D 75FDFE10 4 Bytes [A5, 35, A3, 6F].text C:\Program Files\Internet Explorer\iexplore.exe[5568] SHELL32.dll!RealDriveType + 1745 75FDFE18 8 Bytes [F3, 34, A3, 6F, 17, 73, A2, ...].text C:\Program Files\Internet Explorer\iexplore.exe[5568] ole32.dll!OleLoadFromStream 75756143 5 Bytes JMP 67DFE0FE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[5568] ole32.dll!CoCreateInstance 75799D0B 5 Bytes JMP 67CC3422 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [886B60C0] \SystemRoot\System32\Drivers\sptd.sysIAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [886B6FE0] \SystemRoot\System32\Drivers\sptd.sysIAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [886B6574] \SystemRoot\System32\Drivers\sptd.sysIAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [886B71BC] \SystemRoot\System32\Drivers\sptd.sysIAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [886B6362] \SystemRoot\System32\Drivers\sptd.sys ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6FA1C028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6FA23B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6FA1F1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6FA1DF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6FA1DCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6FA1DE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6FA20571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6FA1DBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6FA2417A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6FA246BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6FA24A6A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootA] [6FA2814E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripToRootW] [6FA288D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsURLW] [6FA28498] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFindOnPathW] [6FA27D69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHCreateStreamOnFileW] [6FA28BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHOpenRegStream2W] [6FA28FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryW] [6FA27EA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringByKeyW] [6FA2785E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathSkipRootW] [6FA287AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRelativePathToW] [6FA285D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsContentTypeW] [6FA27E07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegQueryUSValueW] [6FA29AAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegEnumUSKeyW] [6FA294A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyA] [6FA298E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryEmptyW] [6FA27F3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryA] [6FA27E56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootA] [6FA279F8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetPathW] [6FA29710] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCanonicalizeW] [6FA27AE5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegSetPathW] [6FA29B66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetUSValueW] [6FA297C9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryKeyW] [6FA27701] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetBoolUSValueW] [6FA29611] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRelativeW] [6FA28102] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsNetworkPathW] [6FA27FD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootW] [6FA2819A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyW] [6FA28C89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFileExistsW] [6FA27CCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumValueW] [6FA28E84] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripPathW] [6FA28840] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyW] [6FA2993E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRemoveArgsW] [6FA28674] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHQueryValueExW] [6FA291F7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumKeyExW] [6FA28DD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootW] [6FA27A47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringW] [6FA277AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCW] [6FA282D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathMakeSystemFolderW] [6FA28530] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathUnExpandEnvStringsW] [6FA28972] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerW] [6FA28368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerShareW] [6FA28400] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6FA1D9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [6FA20F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [6FA21904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [6FA2141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6FA209C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6FA1F834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6FA1F084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6FA227FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6FA1EB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6FA1E563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6FA227DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6FA1E901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6FA1EE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [6FA2982A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [6FA28920] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [6FA28EE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [6FA29D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[1312] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6FA1C028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6FA23B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6FA1F1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6FA1DF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6FA1DCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6FA1DE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6FA20571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6FA1DBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6FA2417A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6FA246BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6FA24A6A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootA] [6FA2814E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripToRootW] [6FA288D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsURLW] [6FA28498] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFindOnPathW] [6FA27D69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHCreateStreamOnFileW] [6FA28BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHOpenRegStream2W] [6FA28FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryW] [6FA27EA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringByKeyW] [6FA2785E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathSkipRootW] [6FA287AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRelativePathToW] [6FA285D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsContentTypeW] [6FA27E07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegQueryUSValueW] [6FA29AAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegEnumUSKeyW] [6FA294A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyA] [6FA298E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryEmptyW] [6FA27F3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryA] [6FA27E56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootA] [6FA279F8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetPathW] [6FA29710] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCanonicalizeW] [6FA27AE5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegSetPathW] [6FA29B66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetUSValueW] [6FA297C9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryKeyW] [6FA27701] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetBoolUSValueW] [6FA29611] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRelativeW] [6FA28102] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsNetworkPathW] [6FA27FD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootW] [6FA2819A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyW] [6FA28C89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFileExistsW] [6FA27CCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumValueW] [6FA28E84] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripPathW] [6FA28840] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyW] [6FA2993E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRemoveArgsW] [6FA28674] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHQueryValueExW] [6FA291F7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumKeyExW] [6FA28DD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootW] [6FA27A47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringW] [6FA277AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCW] [6FA282D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathMakeSystemFolderW] [6FA28530] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathUnExpandEnvStringsW] [6FA28972] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerW] [6FA28368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerShareW] [6FA28400] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6FA1D9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [6FA20F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [6FA21904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [6FA2141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6FA209C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6FA1F834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6FA1F084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6FA227FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6FA1EB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6FA1E563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6FA227DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6FA1E901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6FA1EE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [6FA2982A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [6FA28920] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [6FA28EE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [6FA29D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[4840] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6FA1C028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6FA23B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6FA1F1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6FA1DF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6FA1DCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6FA1DE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6FA20571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6FA1DBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6FA2417A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6FA246BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6FA24A6A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootA] [6FA2814E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripToRootW] [6FA288D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsURLW] [6FA28498] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFindOnPathW] [6FA27D69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHCreateStreamOnFileW] [6FA28BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHOpenRegStream2W] [6FA28FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryW] [6FA27EA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringByKeyW] [6FA2785E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathSkipRootW] [6FA287AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRelativePathToW] [6FA285D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsContentTypeW] [6FA27E07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegQueryUSValueW] [6FA29AAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegEnumUSKeyW] [6FA294A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyA] [6FA298E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryEmptyW] [6FA27F3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryA] [6FA27E56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootA] [6FA279F8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetPathW] [6FA29710] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCanonicalizeW] [6FA27AE5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegSetPathW] [6FA29B66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetUSValueW] [6FA297C9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryKeyW] [6FA27701] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetBoolUSValueW] [6FA29611] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRelativeW] [6FA28102] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsNetworkPathW] [6FA27FD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootW] [6FA2819A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyW] [6FA28C89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFileExistsW] [6FA27CCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumValueW] [6FA28E84] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripPathW] [6FA28840] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyW] [6FA2993E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRemoveArgsW] [6FA28674] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHQueryValueExW] [6FA291F7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumKeyExW] [6FA28DD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootW] [6FA27A47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringW] [6FA277AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCW] [6FA282D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathMakeSystemFolderW] [6FA28530] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathUnExpandEnvStringsW] [6FA28972] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerW] [6FA28368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerShareW] [6FA28400] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6FA1D9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [6FA20F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [6FA21904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [6FA2141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6FA209C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6FA1F834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6FA1F084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6FA227FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6FA1EB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6FA1E563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6FA227DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6FA1E901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6FA1EE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [6FA2982A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [6FA28920] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [6FA28EE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [6FA29D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5024] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6FA1C028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6FA23B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6FA20CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6FA1F1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6FA21ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6FA24DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6FA24731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6FA1DF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6FA206BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6FA23932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6FA1DCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6FA1DE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6FA20571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6FA21D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6FA1DBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6FA2417A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6FA25870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6FA246BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6FA24A6A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootA] [6FA2814E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripToRootW] [6FA288D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsURLW] [6FA28498] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFindOnPathW] [6FA27D69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHCreateStreamOnFileW] [6FA28BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHOpenRegStream2W] [6FA28FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryW] [6FA27EA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringByKeyW] [6FA2785E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathSkipRootW] [6FA287AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRelativePathToW] [6FA285D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsContentTypeW] [6FA27E07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegQueryUSValueW] [6FA29AAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegEnumUSKeyW] [6FA294A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyA] [6FA298E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryEmptyW] [6FA27F3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryA] [6FA27E56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootA] [6FA279F8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetPathW] [6FA29710] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCanonicalizeW] [6FA27AE5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegSetPathW] [6FA29B66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetUSValueW] [6FA297C9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryKeyW] [6FA27701] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetBoolUSValueW] [6FA29611] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRelativeW] [6FA28102] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsNetworkPathW] [6FA27FD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootW] [6FA2819A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyW] [6FA28C89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFileExistsW] [6FA27CCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumValueW] [6FA28E84] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripPathW] [6FA28840] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegOpenUSKeyW] [6FA2993E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRemoveArgsW] [6FA28674] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHQueryValueExW] [6FA291F7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumKeyExW] [6FA28DD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootW] [6FA27A47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringW] [6FA277AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCW] [6FA282D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathMakeSystemFolderW] [6FA28530] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathUnExpandEnvStringsW] [6FA28972] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerW] [6FA28368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerShareW] [6FA28400] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6FA1D9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [6FA20F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [6FA21904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [6FA2141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6FA209C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6FA1FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6FA1F834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6FA1F084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6FA227FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6FA1F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6FA1EB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6FA1E563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6FA22ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6FA227DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6FA1E901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6FA20043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6FA1EE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6FA21BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6FA21A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [6FA29888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [6FA2982A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [6FA28920] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [6FA28C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [6FA28D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [6FA27C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [6FA28EE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [6FA29D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [6FA28F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [6FA29D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [6FA27B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)IAT C:\Program Files\Internet Explorer\iexplore.exe[5568] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6FA19F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 84D871F8 AttachedDevice \FileSystem\Ntfs \Ntfs FDCENT.SYSAttachedDevice \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\NetBT \Device\NetBT_Tcpip_{7F69BD68-E850-4D6D-A0CA-2C1B9EED6CE9} 85EBA1F8Device \Driver\NetBT \Device\NetBT_Tcpip_{7E3171B9-8ABC-4569-95E9-C2015F4EB181} 85EBA1F8Device \Driver\NetBT \Device\NetBT_Tcpip_{2E81F21C-FD43-412D-9BC4-E3BB795F51B7} 85EBA1F8Device \Driver\usbohci \Device\USBPDO-0 85FA21F8Device \Driver\usbohci \Device\USBPDO-1 85FA21F8Device \Driver\usbehci \Device\USBPDO-2 860271F8Device \Driver\ACPI_HAL \Device\00000053 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort0 84D851F8Device \Driver\atapi \Device\Ide\IdePort1 84D851F8Device \Driver\atapi \Device\Ide\IdePort2 84D851F8Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 84D851F8Device \Driver\NetBT \Device\NetBT_Tcpip_{C6FE5FA8-8201-4A56-9A71-8C4EE6182BF7} 85EBA1F8Device \Driver\NetBT \Device\NetBt_Wins_Export 85EBA1F8Device \Driver\USBSTOR \Device\00000079 85E6A1F8 AttachedDevice \Driver\tdx \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.) Device \Driver\PCI_PNP9735 \Device\0000005d sptd.sysDevice \Driver\PCI_PNP9735 \Device\0000005d sptd.sysDevice \Driver\usbohci \Device\USBFDO-0 85FA21F8Device \Driver\usbohci \Device\USBFDO-1 85FA21F8Device \Driver\USBSTOR \Device\0000007b 85E6A1F8Device \Driver\usbehci \Device\USBFDO-2 860271F8Device \Driver\ak053mbb \Device\Scsi\ak053mbb1 860511F8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 3626Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x3E 0xB4 0x80 0x2E ...Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2A 0xF0 0x6E 0xF0 ...Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x41 0xC1 0xCD 0xEC ...Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0x41 0xC1 0xCD 0xEC ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x3E 0xB4 0x80 0x2E ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2A 0xF0 0x6E 0xF0 ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x41 0xC1 0xCD 0xEC ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0x41 0xC1 0xCD 0xEC ... ---- Files - GMER 1.0.15 ---- File C:\Windows\$NtUninstallKB3034$\1456850943 0 bytesFile C:\Windows\$NtUninstallKB3034$\2154853461 0 bytesFile C:\Windows\$NtUninstallKB3034$\2154853461\L 0 bytesFile C:\Windows\$NtUninstallKB3034$\2154853461\U 0 bytes ---- EOF - GMER 1.0.15 ---- Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 Дотук - добре. Малко остана. Ще е добре да направим бърза проверка за останки. Сканирай с Malwarebytes' Anti-Malware. Ако вече имаш програмата, провери дали имаш последната версия и ако я нямаш, премахни твоята и инсталирай най-новата. Ако тепърва инсталираш програмата, след инсталацията тя ще предложи да се обнови автоматично, съгласи се. В противен случай обнови дефинициите й ръчно.- стартирай програмата;- избери Perform quick scan (Бързо сканиране) и кликни бутон Scan (Сканиране);- след като приключи сканирането, ако не са открити заплахи, ще се отвори автоматично текстов файл (който можеш да затвориш) и програмата ще те уведоми, че не е открила нищо, след което можеш да кликнеш бутон OK и да я затвориш;- ако са открити заплахи, кликни бутон OK и после Show results (Покажи резултатите);- кликни бутон Remove Selected (Премахни избраните);- ще се появи текстов файл (дневник/лог), копирай съдържанието му тук. Ако е нужен рестарт, се съгласи и рестартирай веднага. Цитирай Link to comment Сподели другаде More sharing options...
axl_rose Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 Malwarebytes' Anti-Malware 1.51.1.1800www.malwarebytes.org Версия на базата от данни: 7319 Windows 6.1.7601 Service Pack 1Internet Explorer 8.0.7601.17514 29.07.2011 20:29:28mbam-log-2011-07-29 (20-29-28).txt Тип сканиране: Бързо сканиранеСканирани обекти: 151427Изминало време: 17 минута(и), 36 секунда(и) Заразени процеси в паметта: 0Заразени модули в паметта: 0Заразени ключове в регистратурата: 0Заразени стойности в регистратурата: 0Заразени информационни обекти в регистратурата: 0Заразени папки: 0Заразени файлове: 0 Заразени процеси в паметта:(Не бяха открити зловредни обекти) Заразени модули в паметта:(Не бяха открити зловредни обекти) Заразени ключове в регистратурата:(Не бяха открити зловредни обекти) Заразени стойности в регистратурата:(Не бяха открити зловредни обекти) Заразени информационни обекти в регистратурата:(Не бяха открити зловредни обекти) Заразени папки:(Не бяха открити зловредни обекти) Заразени файлове:(Не бяха открити зловредни обекти) Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 Дневниците изглеждат чисти. Стартирай отново OTL и кликни бутон CleanUp (третия бутон на втория ред). Това ще премахне инструмента и принадлежащите му фалове и папки. След това можеш да изтриеш всички програми/инструменти, които те инструктирах да сваляш. Някои препоръки:- разкарай FlexType 2K и повече не се занимавай с нея; Windows 7 разполага с напълно читава фонетична подредба. Просто си я активирай, ако ти е необходима;- премахни всички toolbar-и, които имаш; просто отвори прозореца за деинсталиране на програми и разкарай всичко, което има думата "toolbar" в името, ОСВЕН ако СЛУЧАЙНО не ползваш дадената лента;- Trend Micro не е особено надеждна антивирусна програма; моят съвет е да преминеш на някой по-реномиран и качествен продукт; лично аз препоръчвам ESET NOD32 Antivirus (платена), Microsoft Security Essentials, Avira AntiVir Personal или avast! Free Antivirus; всяка една от тях е достатъчно добра и не би била погрешен избор. Ами, това е. Цитирай Link to comment Сподели другаде More sharing options...
axl_rose Публикувано Юли 29, 2011 Report Share Публикувано Юли 29, 2011 Много ти благодаря...без теб нямаше да мога да се справя...Ще последвам до край твоите инструкции и ще направя всичко което ми пишеш.Благодаря ти отново...Желая ти хубава и спокойна вечер...и все така да помагаш на хората които имат нужда от помощ... Цитирай Link to comment Сподели другаде More sharing options...
mantex Публикувано Август 22, 2011 Report Share Публикувано Август 22, 2011 Malwarebytes' Anti-Malware 1.51.1.1800www.malwarebytes.org Database version: 7534 Windows 5.1.2600 Service Pack 3Internet Explorer 8.0.6001.18702 22.8.2011 ?. 10:00:40mbam-log-2011-08-22 (10-00-40).txt Scan type: Full scan (C:\|D:\|)Objects scanned: 206152Time elapsed: 45 minute(s), 57 second(s) Memory Processes Infected: 6Memory Modules Infected: 0Registry Keys Infected: 6Registry Values Infected: 17Registry Data Items Infected: 3Folders Infected: 1Files Infected: 128 Memory Processes Infected:c:\WINDOWS\update.tray-13-0\svchost.exe (Trojan.Agent) -> 2468 -> Unloaded process successfully.c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Agent) -> 2528 -> Unloaded process successfully.c:\WINDOWS\update.tray-3-0\svchost.exe (Trojan.Agent) -> 2564 -> Unloaded process successfully.c:\WINDOWS\update.tray-12-0\svchost.exe (Trojan.Agent) -> 2576 -> Unloaded process successfully.c:\WINDOWS\update.tray-8-0\svchost.exe (Trojan.Agent) -> 2760 -> Unloaded process successfully.c:\WINDOWS\update.1\svchost.exe (Trojan.Agent) -> 3160 -> Unloaded process successfully. Memory Modules Infected:(No malicious items detected) Registry Keys Infected:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Agent) -> Value: tray_ico0 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Agent) -> Value: tray_ico1 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico2 (Trojan.Agent) -> Value: tray_ico2 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico3 (Trojan.Agent) -> Value: tray_ico3 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico4 (Trojan.Agent) -> Value: tray_ico4 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Agent) -> Value: wxpdrv -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\950606.exe (Trojan.Agent) -> Value: 950606.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\412759.exe (Trojan.Agent) -> Value: 412759.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1904202.exe (Trojan.Agent) -> Value: 1904202.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\55200218-loader2.exe (Trojan.Agent) -> Value: 55200218-loader2.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3455949.exe (Trojan.Agent) -> Value: 3455949.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\60587097-loader2.exe (Trojan.Agent) -> Value: 60587097-loader2.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\734708.exe (Trojan.Downloader.Gen) -> Value: 734708.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully. Registry Data Items Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected:c:\WINDOWS\rpcminer (Trojan.BCMiner) -> Quarantined and deleted successfully. Files Infected:c:\WINDOWS\update.tray-13-0\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-3-0\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-12-0\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-8-0\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.1\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\services32.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\950606.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\412759.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\1904202.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\55200218-loader2.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\3455949.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\60587097-loader2.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\application data\Opera\Opera\temporary_downloads\flash-player.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\flash32.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\client_8.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\9849259.exe (Trojan.Downloader.H) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\iecheck12.exe (Trojan.Downloader.H) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\myrar.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\37253992.exe (Trojan.Downloader) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\217561.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\4811872.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\loader2.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\loader_rezerv.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\myunrar2.exe (Trojan.Dropper) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0008845.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0008846.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0008847.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0008848.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009071.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009072.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009073.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009074.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009075.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009076.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009128.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009129.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009130.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009131.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009132.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP22\A0009133.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0010737.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0010738.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0010739.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0010740.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0010741.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0010742.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0010921.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0011924.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0011925.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0011926.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0011927.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0011928.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0012924.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0012925.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0012929.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0012930.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0012931.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0013232.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0013230.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0013231.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0013233.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0013234.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0013236.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP26\A0013237.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP27\A0013426.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP27\A0013430.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP27\A0013431.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP27\A0013432.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP27\A0013433.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP27\A0013434.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP29\A0014671.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP29\A0014672.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP29\A0014673.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP29\A0014674.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP29\A0014675.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP32\A0014759.exe (Trojan.Downloader.H) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP36\A0017896.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP37\A0018757.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP37\A0018758.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP37\A0018763.exe (PUP.Hacktool.Patcher) -> Not selected for removal.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP38\A0019138.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP38\A0019139.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP38\A0019140.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{ccc6e43e-0d23-40ed-8a33-e5aa63f59e32}\RP38\A0019297.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\219323.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\2545789.exe (Trojan.Downloader.H) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\4437315.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\4821781.exe (Trojan.Downloader) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\79165_myunrar2.exe (Trojan.Dropper) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\iecheck12.exe (Trojan.Downloader.H) -> Quarantined and deleted successfully.c:\WINDOWS\update.1\svchost.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-12-0\svchost.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-12-0-lnk\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-13-0\svchost.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-13-0-lnk\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-3-0\svchost.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-3-0-lnk\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-7-0\svchost.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-8-0\svchost.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\update.tray-8-0-lnk\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\1355535.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\1377961.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\1782776.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\2103054.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\3612646.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\3845845.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\5315477.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\5420898.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\6103949.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\7975665.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\5357269.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\7531184.exe (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\curllib.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\libeay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\libsasl.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\openldap.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\WINDOWS\rpcminer\ssleay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.c:\documents and settings\alia\local settings\Temp\734708.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully. Цитирай Link to comment Сподели другаде More sharing options...
Гост newnickname Публикувано Август 22, 2011 Report Share Публикувано Август 22, 2011 Да се похвалиш или да се оплачиш, минаваш? 1. Като гледам трябва да повториш Full Scan с Malwarebytes' докато останеш чист 2. Изтегли SUPERAntispyware - Portable 3. Стартирай .COM файла и избери език Английски/Български 4. Сложи отметка на Enable Rescue Scan (High Infected System Only) и нека да е маркирано Complate Scan 5. Натискаш големия бутон - Scan Your Computer и маркираш само C:\ 6. Start Complate Scan, като приключи Премахваш заразите, ако трябва рестарт се съгласяваш. 7. Стартираш наново .COM файла и отдолу имаш View Scan Logs, маркираш и отваряш Лог-а, копираш го и тук го поставяш. П.П. Изключи System Restore Цитирай Link to comment Сподели другаде More sharing options...
iee Публикувано Октомври 31, 2011 Report Share Публикувано Октомври 31, 2011 До Night_Raven Здравей колега. Използвам темата, за да не създавам нова. И аз имам проблем с отварянето на фейсбук. Следвах инструкциите ти и пействам двата файла, които създаде OTL. Надявам се да ми помогнеш. С XP съм. OTL logfile created on: 31.10.2011 г. 23:04:36 - Run 1OTL by OldTimer - Version 3.2.31.0 Folder = d:\My Documents\DownloadsWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.' 2,98 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 69,49% Memory free4,83 Gb Paging File | 3,97 Gb Available in Paging File | 82,21% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 97,65 Gb Total Space | 83,98 Gb Free Space | 85,99% Space Free | Partition Type: NTFSDrive D: | 368,10 Gb Total Space | 364,79 Gb Free Space | 99,10% Space Free | Partition Type: NTFS Computer Name: LO-SAL-04 | User Name: Administrator | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - [2011.10.31 23:02:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- d:\My Documents\Downloads\OTL.exePRC - [2011.10.18 20:59:09 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exePRC - [2011.01.28 06:22:27 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exePRC - [2010.10.25 16:45:32 | 003,511,888 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exePRC - [2010.07.16 14:07:54 | 000,508,680 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\obexsrv.exePRC - [2010.07.15 12:22:36 | 001,367,816 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exePRC - [2010.07.15 12:22:24 | 000,901,384 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\audiosrv.exePRC - [2010.03.17 04:48:42 | 000,229,458 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\WDM\stacsv.exePRC - [2010.03.01 10:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exePRC - [2010.03.01 10:26:40 | 000,256,056 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exePRC - [2009.11.04 13:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exePRC - [2009.11.04 13:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exePRC - [2009.08.27 13:18:32 | 000,040,960 | ---- | M] () -- C:\Program Files\Common Files\DeviceHelper\DeviceManager.exePRC - [2009.04.21 21:01:56 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exePRC - [2008.10.15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exePRC - [2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2007.12.21 03:36:58 | 000,086,016 | R--- | M] () -- C:\WINDOWS\system32\SupportAppPT\cdrom_monEx.exePRC - [2006.08.30 09:58:38 | 000,049,152 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\vmsnap3.exePRC - [2006.06.28 16:54:06 | 000,049,152 | ---- | M] (Vimicro) -- C:\WINDOWS\Domino.exe ========== Modules (No Company Name) ========== MOD - [2011.10.18 20:59:08 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dllMOD - [2011.01.28 19:36:49 | 000,130,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dllMOD - [2011.01.28 19:36:49 | 000,063,032 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dllMOD - [2011.01.28 17:39:12 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dllMOD - [2011.01.28 17:38:02 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dllMOD - [2011.01.28 17:37:56 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dllMOD - [2011.01.28 17:07:29 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dllMOD - [2011.01.28 17:07:25 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dllMOD - [2011.01.28 17:07:16 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dllMOD - [2011.01.28 17:07:00 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dllMOD - [2011.01.28 17:05:08 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dllMOD - [2011.01.28 17:05:08 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dllMOD - [2011.01.28 17:04:33 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dllMOD - [2011.01.28 17:04:27 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dllMOD - [2010.10.25 16:45:46 | 020,895,312 | ---- | M] () -- C:\Program Files\Motorola\Bluetooth\btmshell.dllMOD - [2010.08.13 02:46:50 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dllMOD - [2010.04.12 16:59:12 | 000,098,304 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dllMOD - [2010.03.16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dllMOD - [2009.08.27 13:18:32 | 000,040,960 | ---- | M] () -- C:\Program Files\Common Files\DeviceHelper\DeviceManager.exeMOD - [2009.02.14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLLMOD - [2008.10.26 05:42:14 | 000,065,376 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dllMOD - [2008.04.14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dllMOD - [2008.04.14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dllMOD - [2007.12.21 03:36:58 | 000,086,016 | R--- | M] () -- C:\WINDOWS\system32\SupportAppPT\cdrom_monEx.exeMOD - [2006.10.27 15:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (MsMpSvc)SRV - File not found [Disabled | Stopped] -- -- (HidServ)SRV - File not found [Auto | Stopped] -- -- (ekrn)SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2011.01.28 06:22:27 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)SRV - [2010.10.25 16:45:32 | 003,511,888 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)SRV - [2010.07.16 14:07:54 | 000,508,680 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)SRV - [2010.07.15 12:22:24 | 000,901,384 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)SRV - [2010.03.17 04:48:42 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)SRV - [2010.03.01 10:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)SRV - [2009.11.04 13:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®SRV - [2009.11.04 13:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®SRV - [2009.08.27 13:18:32 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe -- (DeviceManager)SRV - [2008.10.15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)SRV - [2007.12.21 03:36:58 | 000,086,016 | R--- | M] () [Auto | Running] -- C:\WINDOWS\system32\SupportAppPT\cdrom_monEx.exe -- (Autorun CDROM Monitor) ========== Driver Services (SafeList) ========== DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)DRV - [2011.08.09 14:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)DRV - [2011.08.04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)DRV - [2011.08.04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)DRV - [2011.01.28 20:01:32 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)DRV - [2010.11.02 13:42:30 | 001,718,880 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)DRV - [2010.10.26 18:59:36 | 000,402,432 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btmusb.sys -- (BTMUSB)DRV - [2010.08.13 03:40:00 | 004,831,744 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)DRV - [2010.07.06 11:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)DRV - [2010.06.30 12:02:08 | 000,041,344 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btmcom.sys -- (BTMCOM)DRV - [2010.05.17 08:04:06 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)DRV - [2010.03.17 04:48:42 | 001,659,283 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)DRV - [2010.02.11 17:32:18 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)DRV - [2009.11.11 15:11:00 | 000,181,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®DRV - [2009.08.27 13:18:30 | 000,103,552 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser)DRV - [2009.04.21 22:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)DRV - [2008.04.19 05:05:22 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)DRV - [2008.04.19 05:05:22 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)DRV - [2008.04.19 05:05:22 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)DRV - [2008.03.31 16:04:30 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)DRV - [2008.03.31 16:04:30 | 000,017,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)DRV - [2006.12.01 13:23:58 | 000,392,122 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)DRV - [2006.11.02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})DRV - [2006.04.25 09:57:42 | 000,428,160 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter303.sys -- (vmfilter303) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896IE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blankIE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/IE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bgIE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 62 A4 F1 15 C2 CB 01 [binary data]IE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-21-1220945662-682003330-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_Prot"FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.27.2FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=4c811a37000000000000e02a8254af00&tlver=1.4.35.10&affID=100474"FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.01.28 16:59:40 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.02.18 17:03:38 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011.01.28 19:45:59 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.18 20:59:10 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.28 20:11:43 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.02.27 19:00:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Extensions[2011.02.27 19:00:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2011.10.30 16:34:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Firefox\Profiles\s3b2wn5c.default\extensions[2011.02.27 19:03:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Firefox\Profiles\s3b2wn5c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}[2011.10.30 16:34:11 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Firefox\Profiles\s3b2wn5c.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}[2011.05.23 14:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Firefox\Profiles\s3b2wn5c.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash[2011.08.18 07:30:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Firefox\Profiles\s3b2wn5c.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}[2011.09.18 14:31:15 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Mozilla\Firefox\Profiles\s3b2wn5c.default\extensions\ffxtlbr@babylon.com[2011.08.25 07:25:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions[2011.08.25 07:25:31 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}[2011.10.18 20:59:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2011.03.30 20:17:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}[2011.06.28 20:30:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S3B2WN5C.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI[2011.01.28 19:45:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF[2011.10.18 20:59:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll[2011.09.09 06:49:04 | 001,037,112 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll[2011.06.07 11:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2011.10.18 20:59:07 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml[2011.05.21 13:34:59 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml[2011.09.18 14:30:53 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml[2011.10.18 20:59:07 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml[2011.05.21 13:34:59 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml[2011.10.18 20:59:07 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml[2011.10.18 20:59:07 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2011.10.18 20:59:07 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml[2011.10.18 20:59:07 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\gcswf32.dllCHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dllCHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dllCHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dllCHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dllCHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dllCHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dllCHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\pdf.dllCHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dllCHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dllCHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dllCHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dllCHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2011.10.30 22:16:04 | 000,202,984 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: 127.0.0.1 facebook.comO1 - Hosts: 127.0.0.1 www.facebook.comO1 - Hosts: 127.0.0.1 af-za.facebook.comO1 - Hosts: 127.0.0.1 az-az.facebook.comO1 - Hosts: 127.0.0.1 id-id.facebook.comO1 - Hosts: 127.0.0.1 ms-my.facebook.comO1 - Hosts: 127.0.0.1 bs-ba.facebook.comO1 - Hosts: 127.0.0.1 ca-es.facebook.comO1 - Hosts: 127.0.0.1 cs-cz.facebook.comO1 - Hosts: 127.0.0.1 cy-gb.facebook.comO1 - Hosts: 127.0.0.1 da-dk.facebook.comO1 - Hosts: 127.0.0.1 de-de.facebook.comO1 - Hosts: 127.0.0.1 et-ee.facebook.comO1 - Hosts: 127.0.0.1 en-gb.facebook.comO1 - Hosts: 127.0.0.1 es-la.facebook.comO1 - Hosts: 127.0.0.1 eo-eo.facebook.comO1 - Hosts: 127.0.0.1 eu-es.facebook.comO1 - Hosts: 127.0.0.1 tl-ph.facebook.comO1 - Hosts: 127.0.0.1 fo-fo.facebook.comO1 - Hosts: 127.0.0.1 fr-fr.facebook.comO1 - Hosts: 127.0.0.1 fy-nl.facebook.comO1 - Hosts: 127.0.0.1 ga-ie.facebook.comO1 - Hosts: 127.0.0.1 gl-es.facebook.comO1 - Hosts: 127.0.0.1 ko-kr.facebook.comO1 - Hosts: 50053 more lines...O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)O3 - HKU\S-1-5-21-1220945662-682003330-1801674531-500\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)O4 - HKLM..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) File not foundO4 - HKLM..\Run: [bTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll ()O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe (Vimicro)O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice File not foundO4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)O4 - HKLM..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey File not foundO4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)O4 - HKLM..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [synchronization Manager] C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)O4 - HKLM..\Run: [tray_ico] File not foundO4 - HKLM..\Run: [tray_ico2] File not foundO4 - HKLM..\Run: [tray_ico3] File not foundO4 - HKLM..\Run: [tray_ico4] File not foundO4 - HKLM..\Run: [VMSnap3] C:\WINDOWS\vmsnap3.exe (ZSMCSNAP)O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1220945662-682003330-1801674531-500..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1220945662-682003330-1801674531-500..\Run: [Google Update] C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)O4 - HKU\S-1-5-21-1220945662-682003330-1801674531-500..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O8 - Extra context menu item: &С&валяне &с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)O8 - Extra context menu item: &С&валяне на всички с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1296224796363 (WUWebControl Class)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C416B4CB-2982-47E8-A352-8E394DCCAF24}: DhcpNameServer = 192.168.2.1O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)O24 - Desktop Components:0 (My Current Home Page) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Microsoft\Wallpaper1.bmpO28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2011.01.28 06:10:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not foundNetSvcs: HidServ - File not foundNetSvcs: Ias - File not foundNetSvcs: Iprip - File not foundNetSvcs: Irmon - File not foundNetSvcs: NWCWorkstation - File not foundNetSvcs: Nwsapagent - File not foundNetSvcs: WmdmPmSp - File not foundNetSvcs: BITS - File not found NetSvcs: 6to4 - File not foundNetSvcs: HidServ - File not foundNetSvcs: Ias - File not foundNetSvcs: Iprip - File not foundNetSvcs: Irmon - File not foundNetSvcs: NWCWorkstation - File not foundNetSvcs: Nwsapagent - File not foundNetSvcs: WmdmPmSp - File not foundNetSvcs: BITS - File not found SafeBootMin: Base - Driver GroupSafeBootMin: Boot Bus Extender - Driver GroupSafeBootMin: Boot file system - Driver GroupSafeBootMin: File system - Driver GroupSafeBootMin: Filter - Driver GroupSafeBootMin: MsMpSvc - File not foundSafeBootMin: PCI Configuration - Driver GroupSafeBootMin: PNP Filter - Driver GroupSafeBootMin: Primary disk - Driver GroupSafeBootMin: SCSI Class - Driver GroupSafeBootMin: sermouse.sys - DriverSafeBootMin: System Bus Extender - Driver GroupSafeBootMin: vga.sys - DriverSafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver GroupSafeBootNet: Boot Bus Extender - Driver GroupSafeBootNet: Boot file system - Driver GroupSafeBootNet: File system - Driver GroupSafeBootNet: Filter - Driver GroupSafeBootNet: MsMpSvc - File not foundSafeBootNet: NDIS Wrapper - Driver GroupSafeBootNet: NetBIOSGroup - Driver GroupSafeBootNet: NetDDEGroup - Driver GroupSafeBootNet: Network - Driver GroupSafeBootNet: NetworkProvider - Driver GroupSafeBootNet: PCI Configuration - Driver GroupSafeBootNet: PNP Filter - Driver GroupSafeBootNet: PNP_TDI - Driver GroupSafeBootNet: Primary disk - Driver GroupSafeBootNet: SCSI Class - Driver GroupSafeBootNet: sermouse.sys - DriverSafeBootNet: Streams Drivers - Driver GroupSafeBootNet: System Bus Extender - Driver GroupSafeBootNet: TDI - Driver GroupSafeBootNet: vga.sys - DriverSafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - NetSafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClientSafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetServiceSafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTransSafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ========== Files/Folders - Created Within 90 Days ========== [2011.10.31 21:35:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Start Menu\Programs\Google Chrome[2011.10.31 21:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Google[2011.10.31 21:23:54 | 000,606,576 | ---- | C] (Google Inc.) -- C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\ChromeSetup.exe[2011.10.31 20:21:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Start Menu\Programs\CyberLink PowerDVD[2011.10.30 22:06:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Malwarebytes[2011.10.30 22:06:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware[2011.10.30 22:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2011.10.30 22:06:04 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2011.10.30 22:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware[2011.10.30 22:01:18 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\mbam-setup-1.51.2.1300.exe[2011.10.30 19:37:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-2-0-lnk[2011.10.30 19:37:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-2-0[2011.10.30 19:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET[2011.10.30 19:17:04 | 000,000,000 | ---D | C] -- d:\My Documents\Downloads[2011.10.30 18:49:07 | 000,000,000 | ---D | C] -- d:\My Documents\New Folder (2)[2011.10.30 17:30:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump[2011.10.30 17:23:14 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin[2011.10.30 15:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}[2011.10.30 15:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\FreeFileViewer[2011.10.30 15:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\File Type Assistant[2011.10.30 15:30:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeFileViewer[2011.10.30 15:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileViewer[2011.10.30 14:49:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\PackageAware[2011.10.30 14:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet[2011.10.30 14:42:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa[2011.10.30 14:42:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix[2011.10.30 14:35:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0[2011.10.29 22:56:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2[2011.10.29 22:49:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\WinRAR[2011.10.29 22:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico[2011.10.29 22:47:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1[2011.10.29 22:47:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-14-0-lnk[2011.10.29 22:47:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-14-0[2011.10.29 16:30:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\WMTools Downloaded Files[2011.10.29 16:27:41 | 000,000,000 | R--D | C] -- d:\My Documents\My Videos[2011.10.22 14:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\BabylonToolbar[2011.09.18 14:35:50 | 000,000,000 | ---D | C] -- C:\My Documents[2011.09.18 14:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar[2011.09.18 14:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Start Menu\Programs\FoxTab AVI Converter[2011.09.18 14:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\FoxTabAVIConverter[2011.09.18 14:30:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon[2011.09.18 14:30:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Babylon[2011.09.18 14:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Babylon[2011.09.18 14:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Witcobber[2011.09.18 14:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Witcobber[2011.08.28 12:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\Microsoft Help[2011.08.25 14:37:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Winamp[2011.08.25 07:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype[2011.08.09 14:24:52 | 000,154,136 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys[2011.08.04 09:20:38 | 000,103,112 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys[2011.08.04 09:20:36 | 000,118,104 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2011.10.31 23:06:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6F27982F-91CB-4B8F-926F-DE7C215CC46D}.job[2011.10.31 22:29:01 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-682003330-1801674531-500UA.job[2011.10.31 21:35:20 | 000,002,418 | ---- | M] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\Google Chrome.lnk[2011.10.31 21:35:20 | 000,002,396 | ---- | M] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2011.10.31 21:29:00 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-682003330-1801674531-500Core.job[2011.10.31 21:24:07 | 000,606,576 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\ChromeSetup.exe[2011.10.31 20:26:03 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2011.10.31 20:24:47 | 000,505,282 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2011.10.31 20:24:47 | 000,087,306 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2011.10.31 20:24:47 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job[2011.10.31 20:21:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2011.10.31 20:20:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2011.10.30 22:06:08 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk[2011.10.30 22:02:44 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\mbam-setup-1.51.2.1300.exe[2011.10.30 19:37:49 | 000,000,215 | ---- | M] () -- C:\boot.ini[2011.10.30 15:30:59 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk[2011.10.30 14:42:40 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar[2011.10.30 14:42:40 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe[2011.10.30 14:42:40 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar[2011.10.30 14:42:39 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar[2011.10.30 14:35:47 | 000,000,112 | ---- | M] () -- C:\WINDOWS\info1[2011.10.29 22:50:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok[2011.10.29 22:49:47 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar[2011.10.29 16:36:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2011.10.29 16:15:03 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2011.08.09 14:24:52 | 000,154,136 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys[2011.08.04 09:20:38 | 000,103,112 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys[2011.08.04 09:20:36 | 000,118,104 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.10.31 21:35:20 | 000,002,418 | ---- | C] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\Google Chrome.lnk[2011.10.31 21:35:20 | 000,002,396 | ---- | C] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2011.10.31 21:24:13 | 000,001,130 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-682003330-1801674531-500UA.job[2011.10.31 21:24:13 | 000,001,078 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-682003330-1801674531-500Core.job[2011.10.30 22:06:08 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk[2011.10.30 15:31:00 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job[2011.10.30 15:30:59 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk[2011.10.30 14:42:40 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar[2011.10.30 14:42:40 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar[2011.10.30 14:42:39 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar[2011.10.29 22:52:31 | 000,000,112 | ---- | C] () -- C:\WINDOWS\info1[2011.10.29 22:49:49 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist[2011.10.29 22:49:48 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe[2011.10.29 22:49:47 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar[2011.10.29 22:49:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok[2011.09.18 14:36:42 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2011.04.24 20:32:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\setupfilter.exe[2011.03.11 18:13:55 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator.LO-SAL-04\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2011.02.27 18:59:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat[2011.02.18 16:56:29 | 000,163,336 | ---- | C] () -- C:\WINDOWS\hpoins38.dat[2011.02.18 16:56:29 | 000,000,622 | ---- | C] () -- C:\WINDOWS\hpomdl38.dat[2011.02.12 21:08:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat[2011.02.12 16:14:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat[2011.01.28 21:11:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI[2011.01.28 20:59:49 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll[2011.01.28 19:31:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin[2011.01.28 19:31:18 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat[2011.01.28 19:31:18 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe[2011.01.28 19:31:18 | 000,203,336 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat[2011.01.28 19:31:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe[2011.01.28 19:31:18 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat[2011.01.28 18:59:51 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll[2011.01.28 08:03:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI[2011.01.28 08:02:55 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2011.01.28 06:23:28 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat[2011.01.28 06:20:10 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini[2011.01.28 06:18:00 | 000,002,589 | ---- | C] () -- C:\WINDOWS\wincmd.ini[2011.01.28 06:12:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat[2011.01.28 06:08:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat[2008.05.26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin[2008.05.26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin[2008.04.14 04:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin[2007.09.27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini[2007.09.27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini[2007.09.27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini[2006.12.31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat[2001.08.23 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin[2001.08.23 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat[2001.08.23 14:00:00 | 000,505,282 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat[2001.08.23 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat[2001.08.23 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat[2001.08.23 14:00:00 | 000,087,306 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat[2001.08.23 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin[2001.08.23 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat[2001.08.23 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat[2001.08.23 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat ========== LOP Check ========== [2011.02.01 15:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator\Application Data\Windows Desktop Search[2011.09.18 14:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Babylon[2011.10.22 14:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\BabylonToolbar[2011.10.30 15:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\BitComet[2011.10.30 15:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\FreeFileViewer[2011.02.14 17:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\TeamViewer[2011.02.01 15:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Windows Desktop Search[2011.02.14 22:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LO-SAL-04\Application Data\Windows Search[2011.09.18 14:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon[2011.01.28 06:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ralink Driver[2011.01.28 21:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip[2011.10.30 15:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}[2011.01.31 17:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\o-sal-04\Application Data\Windows Desktop Search[2011.01.28 20:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\office\Application Data\DAEMON Tools[2011.01.28 16:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\office\Application Data\Windows Desktop Search[2011.10.31 20:24:47 | 000,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job[2011.10.29 16:15:03 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job[2011.10.31 23:06:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6F27982F-91CB-4B8F-926F-DE7C215CC46D}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2011.01.28 06:10:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT[2011.10.30 19:37:49 | 000,000,215 | ---- | M] () -- C:\boot.ini[2011.01.28 06:10:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS[2011.01.28 06:10:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS[2011.01.28 06:10:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS[2008.04.13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM[2008.04.13 23:01:44 | 000,250,048 | RHS- | M] () -- C:\ntldr[2011.10.31 20:20:20 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys[2011.01.28 19:00:02 | 000,000,208 | ---- | M] () -- C:\RTKNIC_setup.log < %USERPROFILE%\*.* >[2011.10.31 08:30:11 | 004,456,448 | -H-- | M] () -- C:\Documents and Settings\Administrator.LO-SAL-04\NTUSER.DAT[2011.10.31 23:08:08 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\Administrator.LO-SAL-04\NtUser.dat.LOG[2011.10.31 08:30:11 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator.LO-SAL-04\ntuser.ini < %USERPROFILE%\AppData\Local\*.* > < %USERPROFILE%\AppData\Roaming\*.* > Invalid Environment Variable: ProgramData < %CommonProgramFiles%\*.* > < %PROGRAMFILES%\*.* > < %systemroot%\system32\*.dll /lockedfiles >[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /90 >[2011.08.09 14:24:52 | 000,154,136 | ---- | M] (ESET) -- C:\WINDOWS\system32\drivers\eamon.sys[2011.08.04 09:20:36 | 000,118,104 | ---- | M] (ESET) -- C:\WINDOWS\system32\drivers\ehdrv.sys[2011.08.04 09:20:38 | 000,103,112 | ---- | M] (ESET) -- C:\WINDOWS\system32\drivers\epfwtdir.sys[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys < %systemroot%\system32\drivers\*.sys /lockedfiles >[2011.01.28 20:01:32 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll[2009.04.20 12:23:48 | 000,315,904 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\hpfpp70w.dll[2006.10.26 19:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\mdippr.dll[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\msonpppr.dll < MD5 for: EXPLORER.EXE >[2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe[2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe < MD5 for: USERINIT.EXE >[2008.04.14 04:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe[2008.04.14 04:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe < MD5 for: VOLSNAP.SYS >[2008.04.13 23:11:02 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\dllcache\volsnap.sys[2008.04.13 23:11:02 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys < MD5 for: WINLOGON.EXE >[2008.04.14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe[2008.04.14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe < End of report > OTL Extras logfile created on: 31.10.2011 г. 23:04:36 - Run 1OTL by OldTimer - Version 3.2.31.0 Folder = d:\My Documents\DownloadsWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.' 2,98 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 69,49% Memory free4,83 Gb Paging File | 3,97 Gb Available in Paging File | 82,21% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 97,65 Gb Total Space | 83,98 Gb Free Space | 85,99% Space Free | Partition Type: NTFSDrive D: | 368,10 Gb Total Space | 364,79 Gb Free Space | 99,10% Space Free | Partition Type: NTFS Computer Name: LO-SAL-04 | User Name: Administrator | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Classes\<extension>].html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*exefile [open] -- "%1" %*piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusDisableNotify" = 0"FirewallDisableNotify" = 0"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 1"DisableThumbnailCache" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]"Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]"Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DoNotAllowExceptions" = 0"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)"7774:TCP" = 7774:TCP:*:Enabled:BitComet 7774 TCP"7774:UDP" = 7774:UDP:*:Enabled:BitComet 7774 UDP"20866:TCP" = 20866:TCP:*:Enabled:BitComet 20866 TCP"20866:UDP" = 20866:UDP:*:Enabled:BitComet 20866 UDP ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)"C:\Program Files\RealVNC\VNC4\winvnc4.exe" = C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:winvnc4 -- (RealVNC Ltd.)"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)"C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\Flash-Player.exe" = C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Administrator.LO-SAL-04\Desktop\Flash-Player.exe"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"C:\WINDOWS\services32.exe" = C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe"C:\WINDOWS\update.tray-14-0\svchost.exe" = C:\WINDOWS\update.tray-14-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-14-0\svchost.exe"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe" = C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe:*:Enabled:FreeFileViewerUpdateChecker -- (Bitberry Software) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0399ECE0-2D9D-67A6-B7DB-8DC155E4A7FC}" = Catalyst Control Center Localization All"{045C1352-7B83-6B4D-612C-72D4F6A9341D}" = CCC Help Russian"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller"{09CFC9D2-E679-51E7-0531-CD441262B4FE}" = CCC Help Italian"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch"{1D45E101-A271-352C-A126-43F5970EDFF5}" = CCC Help Polish"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java™ 6 Update 26"{26CC7245-E886-DD6E-2FEB-294CA95A70DC}" = ccc-core-static"{2A0462E5-D2D2-FF72-5852-8FEA836CACE8}" = CCC Help Czech"{2D2AFB23-63E3-44D4-A404-2071CEC281EE}" = HP 3D DriveGuard"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm"{2FBD0298-4F87-DCC0-6D5C-D8FE6B8AA2D7}" = CCC Help Korean"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{3A50B66B-5DC7-FA72-C295-C5A3AFAB5312}" = CCC Help Turkish"{3B7FF742-D6B9-6E22-983D-16D45E7C8D73}" = CCC Help Chinese Standard"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile"{3CFC16D1-C831-4CEB-B27D-342E7E2D5603}" = ESET NOD32 Antivirus"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support"{614FDEBF-629E-8761-7861-826EC21B05A3}" = Skins"{61CF2C86-8E46-4210-A115-E4D6C65AF369}" = HP Photosmart B109a-m All-In-One Driver Software 13.0 Rel .6"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components"{656FDFA4-C7C6-40D9-99F7-F6F331412AEF}" = WarrantyExtension"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update"{73DE4D0D-1339-B281-D859-25D55401581F}" = CCC Help German"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client"{80FE5490-E9DD-4AE9-8537-3EB5EFB606FC}" = PS_AIO_06_B109a-m_SW_Min"{8172AA8D-C1FB-0A46-6F3A-1322472B632E}" = CCC Help Dutch"{84F121DF-B2B8-137D-9C8F-0FC0857114C0}" = CCC Help English"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8AC44880-E987-7113-5EE9-0B86FAE861EF}" = CCC Help Spanish"{8E000CC8-D7CB-C26B-8F04-FAA7D5EA771E}" = CCC Help Chinese Traditional"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT3090 802.11b/g/n WiFi Adapter"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = GLOBUL Connection Manager"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader"{983D0839-FA66-A660-A1B7-5124D58C858C}" = CCC Help French"{9BB24065-F6A0-4D16-82B6-4101D4CEA92E}_is1" = Photo Resizer 2.0"{9F557DB4-2471-8B4F-34E3-2AEA8381641E}" = CCC Help Finnish"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2"{A7088981-011F-D45F-4B00-A9A9F24F52BC}" = CCC Help Swedish"{A973FFBC-A488-433D-8AAB-4AD1F279978B}" = Catalyst Control Center - Branding"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status"{AF20390E-5ADD-4CB0-BF9D-EDF6E7891AD9}" = B109a-m"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype"{BBE530A1-7977-458D-8D2D-6BD5CE8B4B54}" = B109a-m_NCL_Help"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2"{C0D2C682-27BE-C782-0947-EFABF7AC4E9F}" = CCC Help Portuguese"{C3948E6B-50D9-5573-E9A4-427D777CD921}" = CCC Help Thai"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{CE3B8E96-B0AF-4871-9178-1519B58E3A93}" = A4 TECH PC Camera H"{D1A07598-1282-ADE3-FE8D-5FE7ADBC3210}" = ATI Catalyst Install Manager"{DB669F4D-5D5D-19A8-A2CE-AB3D9CEAE57B}" = CCC Help Japanese"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp"{E1214476-012C-5684-5A00-0283E0365764}" = ccc-utility"{E2E75B97-61D8-9AFE-B607-D44EDF356DC4}" = CCC Help Greek"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio"{E604BA07-26AC-DD99-AE92-DDA6D8F56F35}" = CCC Help Norwegian"{E9D69FD8-484A-4668-6C16-9B909A631562}" = Catalyst Control Center InstallProxy"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery"{F00FC116-5397-6745-35AB-EC0A96B35D88}" = CCC Help Danish"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver"{FC5C7990-C64E-DA00-DBB1-3E9467CAF5FE}" = CCC Help Hungarian"1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1" = Ralink Motorola BC4 Bluetooth 3.0+HS Adapter"Adobe AIR" = Adobe AIR"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin"BabylonToolbar" = Babylon toolbar on IE"BitComet" = BitComet 1.29"ENTERPRISE" = Microsoft Office Enterprise 2007"ffdshow_is1" = ffdshow [rev 1405] [2007-08-04]"FreeFileViewer_is1" = Free File Viewer 2011"GOM Player" = GOM Player"HP Imaging Device Functions" = HP Imaging Device Functions 13.0"HP Print Projects" = HP Print Projects 1.0"HP Smart Web Printing" = HP Smart Web Printing 4.5"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0"HPExtendedCapabilities" = HP Customer Participation Program 13.0"ie8" = Windows Internet Explorer 8"InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile"Microsoft Security Client" = Microsoft Security Essentials"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP"RealVNC_is1" = VNC Free Edition 4.1.3"SA Dictionary 2005 T2" = SA Dictionary 2005 T2"Shop for HP Supplies" = Shop for HP Supplies"Super Video Splitter_is1" = Super Video Splitter 5.8"SynTPDeinstKey" = Synaptics Pointing Device Driver"Totalcmd" = Total Commander (Remove or Repair)"Trusted Software Assistant_is1" = File Type Assistant"VIVACOM 3G USB MODEM ALCATEL_is1" = VIVACOM 3G USB MODEM"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9"Winamp" = Winamp"Windows Media Format Runtime" = Windows Media Format 11 runtime"Windows Media Player" = Windows Media Player 11"WinLiveSuite_Wave3" = Windows Live Essentials"WinRAR archiver" = WinRAR archiver"WMFDist11" = Windows Media Format 11 runtime"wmp11" = Windows Media Player 11"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1220945662-682003330-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ]Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\SYSTEM DIAGNOSIS.LNK> in the hash map cannot beupdated. Context: Application, SystemIndex Catalog Details: A device attached tothe system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\SYSTEM DIAGNOSIS.LNK> in the hash map cannot beupdated. Context: Application, SystemIndex Catalog Details: A device attached tothe system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) Error - 30.10.2011 г. 16:17:02 | Computer Name = LO-SAL-04 | Source = Windows Search Service | ID = 3013Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.LO-SAL-04\STARTMENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannotbe updated. Context: Application, SystemIndex Catalog Details: A device attachedto the system is not functioning. (0x8007001f) [ System Events ]Error - 31.10.2011 г. 02:25:45 | Computer Name = LO-SAL-04 | Source = Service Control Manager | ID = 7000Description = The Microsoft Antimalware Service service failed to start due to thefollowing error: %%3 Error - 31.10.2011 г. 02:25:45 | Computer Name = LO-SAL-04 | Source = Service Control Manager | ID = 7000Description = The ESET Service service failed to start due to the following error: %%3 Error - 31.10.2011 г. 02:26:22 | Computer Name = LO-SAL-04 | Source = System Error | ID = 1003Description = Error code 00000019, parameter1 00000020, parameter2 e5b5a000, parameter3e5b5a0e0, parameter4 0c1c0800. Error - 31.10.2011 г. 14:20:43 | Computer Name = LO-SAL-04 | Source = Service Control Manager | ID = 7000Description = The Microsoft Antimalware Service service failed to start due to thefollowing error: %%3 Error - 31.10.2011 г. 14:20:43 | Computer Name = LO-SAL-04 | Source = Service Control Manager | ID = 7000Description = The ESET Service service failed to start due to the following error: %%3 Error - 31.10.2011 г. 15:09:21 | Computer Name = LO-SAL-04 | Source = Disk | ID = 262155Description = The driver detected a controller error on \Device\Harddisk1\D. Error - 31.10.2011 г. 15:09:21 | Computer Name = LO-SAL-04 | Source = Disk | ID = 262155Description = The driver detected a controller error on \Device\Harddisk1\D. Error - 31.10.2011 г. 15:09:22 | Computer Name = LO-SAL-04 | Source = Disk | ID = 262155Description = The driver detected a controller error on \Device\Harddisk1\D. Error - 31.10.2011 г. 15:09:22 | Computer Name = LO-SAL-04 | Source = Disk | ID = 262155Description = The driver detected a controller error on \Device\Harddisk1\D. Error - 31.10.2011 г. 15:09:22 | Computer Name = LO-SAL-04 | Source = Disk | ID = 262155Description = The driver detected a controller error on \Device\Harddisk1\D. < End of report > Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Октомври 31, 2011 Report Share Публикувано Октомври 31, 2011 Стартирай отново OTL. В празното поле "Custom Scans/Fixes" (в долната част на програмата) постави следния текст (маркирай го, натисни Ctrl+C и после в полето на OTL натисни Ctrl+V): :OTL O4 - HKLM..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey File not found O4 - HKLM..\Run: [tray_ico] File not found O4 - HKLM..\Run: [tray_ico2] File not found O4 - HKLM..\Run: [tray_ico3] File not found O4 - HKLM..\Run: [tray_ico4] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0 [2011.10.30 19:37:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-2-0-lnk [2011.10.30 19:37:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-2-0 [2011.10.30 14:42:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa [2011.10.30 14:42:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix [2011.10.30 14:35:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0 [2011.10.29 22:56:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2 [2011.10.29 22:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico [2011.10.29 22:47:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1 [2011.10.29 22:47:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-14-0-lnk [2011.10.29 22:47:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-14-0 [2011.10.30 14:42:40 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar [2011.10.30 14:42:40 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe [2011.10.30 14:42:40 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar [2011.10.30 14:42:39 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar [2011.10.30 14:35:47 | 000,000,112 | ---- | M] () -- C:\WINDOWS\info1 [2011.10.29 22:50:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok [2011.10.29 22:49:47 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar:Files :Commands [emptytemp] [resethosts] [reboot]Копирай текста точно както е в полето. Внимавай да не изтървеш началното двуеточие и всяка команда да е на отделен ред, както е в полето. Кликни бутон Run Fix. Потвърди с OK на съобщението, че е нужен рестарт на системата. След рестарта ще се появи текстов дневник/лог. Същият файл се намира в C:\_OTL\MovedFiles. Моля, прикачи го към следващия си коментар. След това стартирай отново OTL, създай пресни дневници (както бях описал по-рано) и ги прикачи отново. Можеш да архивираш всичките файлове в един архив, а можеш и да ги прикачиш поотделно. Цитирай Link to comment Сподели другаде More sharing options...
iee Публикувано Ноември 1, 2011 Report Share Публикувано Ноември 1, 2011 Прикачил съм файловете. При повторното сканиране ми излезе само файл OTL.TxtПробвах и фейсбука се отваря вече. Ако е необходимо ще направя и следващи стъпки. Благодаря!11012011_061320.rarOTL.rar Цитирай Link to comment Сподели другаде More sharing options...
Препоръчан пост
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.