trojan problem

**mobileman1953** · 17-01-2010

running vista home premium 32bit, keep getting message from mcafee trojan detected cannot be removed or quarantined mcafee scan shows nothing any advice appreciated

hi jack this log follows

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:07:04, on 17/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\McAfee\MSC\mcshell.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = The Sun | The Best for News, Sport, Showbiz, Celebrities & TV | The Sun| The Sun
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Start Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, News, Sport, Music, Movies, Money, Cars, Shopping, Windows Live from MSN UK
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas21.dll,AttachConsoleA
O4 - HKCU\..\Run: [BMIMZMHMFM] C:\Users\linda\AppData\Local\Temp\c.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9539 bytes

**Jim23** · 19-01-2010

The mcafee trojan detected

If its constantly happening and Mcafee scans nothing detected there two possibilities
First its possibly a false negative.
In which case I would contact Mcafee support and see if they can throw any light on this.

Secondly it could be residing in a restore point. If you turn System restore this will remove all your restore points. Turn off your PC then on restart Turn System Restore back on and create a
new restore point. This will ensure the virus/trojan is not hiding in there.
How to on System restore here: http://www.howtogeek.com/howto/windo...windows-vista/

Finally you could install Malwarbytes found here Malwarebytes.org
Download free version on left and install
How to on Malwarebytes found here: How to remove Anti-virus-1 (Removal Guide)

If problem persist after Malwarebytes scan go to here Spyware, Adware, Viruses and HijackThis Logs - D-A-L Computer Help

Our Security experts there will I'm sure be able to help

Jim

**mobileman1953** · 19-01-2010

thanks for your reply got rid of pop up but system running very slow, startup and shutdown take ages, very slow to load pages on the internet, done all the usual cleaning but to no avail any advice welcome

**Jim23** · 20-01-2010

Glad to hear the annoying pop up as gone.

Owen a D-A-L Team Member as put together a sticky on how to Speed up a PC it can be found here : -

http://www.d-a-l.com/help/spyware-ad...eeding-up.html

If after doing that the problem Still persists could you do the D-A-L Hardware scan
found here: Hardware Scan | D-A-L Computer Help

When the scans complete on the results page copy the link at the top of the page and post it here.
Could you also give us some details of how many processes are running in task manager when the
PC is idle. i.e. not running any programs just stood at desktop.

Jim

**broni** · 20-01-2010

Print these instructions out.

NOTE. If any of the programs listed below refuse to run, try renaming executive file to something else; for instance, rename hijackthis.exe to scanner.exe

***VERY IMPORTANT! Make sure, you update Superantispyware, and Malwarebytes before running the scans.***

STEP 1. Download SUPERAntiSpyware Free for Home Users:
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: SUPERAntiSpyware.com - Database Definition Information.)
* Close SUPERAntiSpyware.

PHYSICALLY DISCONNECT FROM THE INTERNET

Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; select Safe Mode; you'll see "Safe Mode" in all four corners of your screen

* Open SUPERAntiSpyware.
* Click Scan your Computer... button.
* Click Scanning Preferences/Control Center... button.
* Under General and Startup tab, make sure, Start SUPERAntiSpyware when Windows starts option is UN-checked.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):

Close browsers before scanning.
Terminate memory threats before quarantining.

* Click the Close button to leave the control center screen.
* On the left, make sure you check C:\Fixed Drive.
* On the right, choose Perform Complete Scan.
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.
* Make sure everything has a checkmark next to it and click Next.
* A notification will appear that Quarantine and Removal is Complete. Click OK and then click the Finish button to return to the main menu.
* If asked if you want to reboot, click Yes.
* To retrieve the removal information after reboot, launch SUPERAntispyware again.

Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.

* Click Close to exit the program.
Post SUPERAntiSpyware log.

RECONNECT TO THE INTERNET

RESTART COMPUTER!

STEP 2. Download Malwarebytes' Anti-Malware: Malwarebytes.org to your desktop.
(Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

RESTART COMPUTER!

STEP 3. Download GMER: GMER - Rootkit Detector and Remover, by clicking on Download EXE button.
Alternative downloads:
- |MG| GMER 1.0.15.15281 Download
- http://www.softpedia.com/get/Interne...ers/GMER.shtml
Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
When scan is completed, click Save button, and save the results as gmer.log
Warning ! Please, do not select the "Show all" checkbox during the scan.
Post the log to your next reply.

RESTART COMPUTER

STEP 4.
Post fresh HijackThis log.
NOTE. If you're using Vista, or 7, right click on HijackThis, and click Run as Administrator
Do NOT attempt to "fix" anything!

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

**mobileman1953** · 20-01-2010

thanks for your advice here are the logs

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 01/20/2010 at 07:36 PM

Application Version : 4.33.1000

Core Rules Database Version : 4446
Trace Rules Database Version: 1978

Scan type : Complete Scan
Total Scan Time : 01:11:25

Memory items scanned : 338
Memory threats detected : 0
Registry items scanned : 7182
Registry threats detected : 0
File items scanned : 125816
File threats detected : 0

Malwarebytes' Anti-Malware 1.44
Database version: 3598
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

19/01/2010 19:46:53
mbam-log-2010-01-19 (19-46-53).txt

Scan type: Full Scan (C:\|)
Objects scanned: 231140
Time elapsed: 2 hour(s), 3 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WS9E3IQBKY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-01-20 20:34:48
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\linda\AppData\Local\Temp\uxldapow.sys

---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0x8FC2079E]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0x8FC20738]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0x8FC2074C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8FC207DC]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0x8FC2081F]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0x8FC20710]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0x8FC20724]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0x8FC207B2]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0x8FC20847]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0x8FC20833]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0x8FC2078A]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0x8FC20776]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8FC2080B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8FC207F2]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0x8FC207C8]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateUserProcess [0x8FC20762]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwYieldExecution 81A7D982 5 Bytes JMP 8FC207CC \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwNotifyChangeKey 81C115B5 5 Bytes JMP 8FC20823 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateUserProcess 81C1BB82 3 Bytes JMP 8FC20766 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateUserProcess + 4 81C1BB86 1 Byte [0E]
PAGE ntkrnlpa.exe!ZwTerminateProcess 81C42D5D 5 Bytes JMP 8FC2080F \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtMapViewOfSection 81C62446 7 Bytes JMP 8FC207E0 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwUnmapViewOfSection 81C62709 5 Bytes JMP 8FC207F6 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtSetInformationProcess 81C66474 5 Bytes JMP 8FC2077A \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwProtectVirtualMemory 81C6BE7D 7 Bytes JMP 8FC207B6 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtOpenThread 81C6E09A 5 Bytes JMP 8FC20728 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtOpenProcess 81C72B48 5 Bytes JMP 8FC20714 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtCreateFile 81C93D59 5 Bytes JMP 8FC207A2 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwRestoreKey 81CA47B2 5 Bytes JMP 8FC20837 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwReplaceKey 81CA59B6 5 Bytes JMP 8FC2084B \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateProcess 81CE374B 5 Bytes JMP 8FC2073C \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 81CE3796 7 Bytes JMP 8FC20750 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwSetContextThread 81CE4253 5 Bytes JMP 8FC2078E \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\a-squared Free\a2service.exe[380] kernel32.dll!CreateThread + 1A 7561C928 4 Bytes CALL 0045495D C:\Program Files\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[460] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 0041C1B0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[460] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 0041C130 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Windows\system32\services.exe[668] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00190087
.text C:\Windows\system32\services.exe[668] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00190076
.text C:\Windows\system32\services.exe[668] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 001900CE
.text C:\Windows\system32\services.exe[668] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 001900B3
.text C:\Windows\system32\services.exe[668] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00190F77
.text C:\Windows\system32\services.exe[668] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00190FEF
.text C:\Windows\system32\services.exe[668] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00190FD4
.text C:\Windows\system32\services.exe[668] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00190F55
.text C:\Windows\system32\services.exe[668] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00190F9E
.text C:\Windows\system32\services.exe[668] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00190051
.text C:\Windows\system32\services.exe[668] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00190FAF
.text C:\Windows\system32\services.exe[668] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00190040
.text C:\Windows\system32\services.exe[668] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00190F66
.text C:\Windows\system32\services.exe[668] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00190F1C
.text C:\Windows\system32\services.exe[668] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00190025
.text C:\Windows\system32\services.exe[668] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 0019000A
.text C:\Windows\system32\services.exe[668] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 001900A2
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 001A0047
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 001A002C
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 001A0000
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 001A0FA5
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 001A0F80
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 001A001B
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 001A0FDB
.text C:\Windows\system32\services.exe[668] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 001A0FC0
.text C:\Windows\system32\services.exe[668] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00060FB9
.text C:\Windows\system32\services.exe[668] msvcrt.dll!system 7557804B 5 Bytes JMP 00060044
.text C:\Windows\system32\services.exe[668] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00060FDE
.text C:\Windows\system32\services.exe[668] msvcrt.dll!_open 7557D106 5 Bytes JMP 00060000
.text C:\Windows\system32\services.exe[668] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00060033
.text C:\Windows\system32\services.exe[668] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00060FEF
.text C:\Windows\system32\services.exe[668] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00270FEF
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 000B00F2
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 000B00D7
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 000B011E
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 000B010D
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!VirtualProtect 755D1DC3 1 Byte [E9]
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 000B0FC7
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 000B0036
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 000B0051
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 000B0FB6
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 000B00AB
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 000B0073
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 000B008E
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 000B0062
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 000B00BC
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 000B0F6C
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 000B0011
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 000B0000
.text C:\Windows\system32\lsass.exe[684] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 000B0F91
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 000C0FA5
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 000C0FCA
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 000C0000
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 000C0047
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 000C0062
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 000C0036
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 000C001B
.text C:\Windows\system32\lsass.exe[684] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 000C0FDB
.text C:\Windows\system32\lsass.exe[684] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 000A0FCA
.text C:\Windows\system32\lsass.exe[684] msvcrt.dll!system 7557804B 5 Bytes JMP 000A0055
.text C:\Windows\system32\lsass.exe[684] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 000A0044
.text C:\Windows\system32\lsass.exe[684] msvcrt.dll!_open 7557D106 5 Bytes JMP 000A000C
.text C:\Windows\system32\lsass.exe[684] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 000A0FE5
.text C:\Windows\system32\lsass.exe[684] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 000A0029
.text C:\Windows\system32\lsass.exe[684] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00860FE5
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 006F0F44
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 006F0F5F
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 006F00CA
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 006F0F33
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 006F0F81
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 006F0014
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 006F002F
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 006F008A
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 006F0F9E
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 006F004A
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 006F005B
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 006F0FC3
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 006F0F70
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 006F0F18
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 006F0FD4
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 006F0FE5
.text C:\Windows\system32\svchost.exe[844] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 006F00AF
.text C:\Windows\system32\svchost.exe[844] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00260F7C
.text C:\Windows\system32\svchost.exe[844] msvcrt.dll!system 7557804B 5 Bytes JMP 00260FA1
.text C:\Windows\system32\svchost.exe[844] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00260FCD
.text C:\Windows\system32\svchost.exe[844] msvcrt.dll!_open 7557D106 5 Bytes JMP 00260FEF
.text C:\Windows\system32\svchost.exe[844] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00260FB2
.text C:\Windows\system32\svchost.exe[844] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00260FDE
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00700F97
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00700FA8
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00700FEF
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00700039
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00700054
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00700FC3
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00700FD4
.text C:\Windows\system32\svchost.exe[844] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 0070001E
.text C:\Windows\system32\svchost.exe[844] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00710FEF
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 002E0F4D
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 002E0093
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 002E00CC
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 002E0F2B
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 002E005D
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 002E0FD4
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 002E0FC3
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 002E0078
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 002E0F83
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 002E0F9E
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 002E0040
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 002E0025
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 002E0F68
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 002E0F1A
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 002E000A
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 002E0FEF
.text C:\Windows\system32\svchost.exe[960] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 002E0F3C
.text C:\Windows\system32\svchost.exe[960] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 002F0042
.text C:\Windows\system32\svchost.exe[960] msvcrt.dll!system 7557804B 5 Bytes JMP 002F0FC1
.text C:\Windows\system32\svchost.exe[960] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 002F0027
.text C:\Windows\system32\svchost.exe[960] msvcrt.dll!_open 7557D106 5 Bytes JMP 002F0000
.text C:\Windows\system32\svchost.exe[960] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 002F0FD2
.text C:\Windows\system32\svchost.exe[960] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 002F0FEF
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 0030004A
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00300F9E
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00300FEF
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 0030002F
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 0030005B
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00300FB9
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00300FD4
.text C:\Windows\system32\svchost.exe[960] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00300014
.text C:\Windows\system32\svchost.exe[960] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 008A0FEF
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 0083008C
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00830071
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00830EFC
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 0083009D
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00830F6B
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00830025
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00830FD4
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00830060
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00830F86
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00830FA8
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00830F97
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00830FC3
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00830F5A
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00830EEB
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00830FEF
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00830000
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 00830F21
.text C:\Windows\System32\svchost.exe[1000] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00840FA1
.text C:\Windows\System32\svchost.exe[1000] msvcrt.dll!system 7557804B 5 Bytes JMP 0084002C
.text C:\Windows\System32\svchost.exe[1000] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00840FC6
.text C:\Windows\System32\svchost.exe[1000] msvcrt.dll!_open 7557D106 5 Bytes JMP 00840000
.text C:\Windows\System32\svchost.exe[1000] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 0084001B
.text C:\Windows\System32\svchost.exe[1000] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00840FD7
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00860F83
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 0086000A
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00860FEF
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00860025
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00860F68
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00860FB9
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00860FCA
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00860FA8
.text C:\Windows\System32\svchost.exe[1000] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00950000
.text C:\Windows\System32\svchost.exe[1000] wininet.dll!InternetOpenA 756DD690 5 Bytes JMP 00850FE5
.text C:\Windows\System32\svchost.exe[1000] wininet.dll!InternetOpenW 756DDB09 5 Bytes JMP 00850FD4
.text C:\Windows\System32\svchost.exe[1000] wininet.dll!InternetOpenUrlA 756DF3A4 5 Bytes JMP 00850014
.text C:\Windows\System32\svchost.exe[1000] wininet.dll!InternetOpenUrlW 75726DDF 5 Bytes JMP 00850025
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00760098
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00760F52
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00760F12
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 007600A9
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00760F77
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00760FDB
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00760FCA
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 0076007D
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00760F94
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00760051
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00760FAF
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00760036
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00760062
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 007600C4
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00760011
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00760000
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 00760F37
.text C:\Windows\System32\svchost.exe[1100] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00750F95
.text C:\Windows\System32\svchost.exe[1100] msvcrt.dll!system 7557804B 5 Bytes JMP 00750FA6
.text C:\Windows\System32\svchost.exe[1100] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00750FD2
.text C:\Windows\System32\svchost.exe[1100] msvcrt.dll!_open 7557D106 5 Bytes JMP 0075000C
.text C:\Windows\System32\svchost.exe[1100] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00750FB7
.text C:\Windows\System32\svchost.exe[1100] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00750FE3
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00DA0F8D
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00DA002F
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00DA0FE5
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00DA0F9E
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00DA0F7C
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00DA000A
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00DA0FD4
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00DA0FB9
.text C:\Windows\System32\svchost.exe[1100] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00DB0000
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 008D00C9
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 008D0F79
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 008D00FF
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 008D0F5E
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 008D0093
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 008D0036
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 008D0FE5
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 008D0F94
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 008D0FAF
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 008D006C
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 008D0FC0
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 008D005B
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 008D00A4
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 008D0110
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 008D001B
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 008D0000
.text C:\Windows\System32\svchost.exe[1132] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 008D00DA
.text C:\Windows\System32\svchost.exe[1132] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00A80FB9
.text C:\Windows\System32\svchost.exe[1132] msvcrt.dll!system 7557804B 5 Bytes JMP 00A80044
.text C:\Windows\System32\svchost.exe[1132] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00A80029
.text C:\Windows\System32\svchost.exe[1132] msvcrt.dll!_open 7557D106 5 Bytes JMP 00A8000C
.text C:\Windows\System32\svchost.exe[1132] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00A80FD4
.text C:\Windows\System32\svchost.exe[1132] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00A80FEF
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00E20FCA
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00E20051
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00E20000
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00E20062
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00E20087
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00E20FE5
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00E2001B
.text C:\Windows\System32\svchost.exe[1132] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00E20040
.text C:\Windows\System32\svchost.exe[1132] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00E3000A
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00D900CC
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00D90F7C
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00D90F35
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 00D90F50
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00D90FB9
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00D90025
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00D9004A
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00D90F97
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00D90087
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00D90076
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00D90FCA
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00D9005B
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00D90FA8
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00D900DD
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00D90FEF
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00D9000A
.text C:\Windows\system32\svchost.exe[1152] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 00D90F61
.text C:\Windows\system32\svchost.exe[1152] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00DE0040
.text C:\Windows\system32\svchost.exe[1152] msvcrt.dll!system 7557804B 5 Bytes JMP 00DE0FAB
.text C:\Windows\system32\svchost.exe[1152] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00DE0FD7
.text C:\Windows\system32\svchost.exe[1152] msvcrt.dll!_open 7557D106 5 Bytes JMP 00DE0000
.text C:\Windows\system32\svchost.exe[1152] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00DE0FC6
.text C:\Windows\system32\svchost.exe[1152] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00DE0011
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00DF0F72
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00DF0F9E
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00DF0000
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00DF0F8D
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00DF0F57
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00DF0FCA
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00DF0FE5
.text C:\Windows\system32\svchost.exe[1152] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00DF0FB9
.text C:\Windows\system32\svchost.exe[1152] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00E0000A
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 002600DD
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 002600B8
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00260F68
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 002600FF
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00260FA8
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00260036
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00260FE5
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 002600A7
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00260076
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 0026005B
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00260FB9
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00260FCA
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00260F97
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 0026011A
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 0026001B
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 0026000A
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 002600EE
.text C:\Windows\system32\svchost.exe[1328] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00140F97
.text C:\Windows\system32\svchost.exe[1328] msvcrt.dll!system 7557804B 5 Bytes JMP 00140FA8
.text C:\Windows\system32\svchost.exe[1328] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00140018
.text C:\Windows\system32\svchost.exe[1328] msvcrt.dll!_open 7557D106 5 Bytes JMP 00140FEF
.text C:\Windows\system32\svchost.exe[1328] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00140FC3
.text C:\Windows\system32\svchost.exe[1328] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00140FDE
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00270087
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 0027005B
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00270FE5
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00270076
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00270098
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 0027001B
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 0027000A
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00270040
.text C:\Windows\system32\svchost.exe[1328] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00280000
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00820F54
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 0082009A
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 008200C6
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 00820F2F
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00820064
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 0082001B
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 0082002C
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 0082007F
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00820F8A
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00820FB6
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00820FA5
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 0082003D
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00820F79
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00820F14
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 0082000A
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00820FEF
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 008200B5
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00810047
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!system 7557804B 5 Bytes JMP 0081002C
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00810011
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_open 7557D106 5 Bytes JMP 00810FEF
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00810FBC
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00810000
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00830F9A
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00830FBC
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00830FEF
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00830FAB
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00830057
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00830FDE
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00830014
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00830FCD
.text C:\Windows\system32\svchost.exe[1604] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00840FEF
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00EB0F46
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00EB0F61
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00EB0F1A
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 00EB0F35
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00EB0F83
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00EB0FD4
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00EB001B
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreatePipe 755F8E6E 3 Bytes JMP 00EB008C
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreatePipe + 4 755F8E72 1 Byte [8B]
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00EB0067
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!LoadLibraryW 755F9362 3 Bytes JMP 00EB0036
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!LoadLibraryW + 4 755F9366 1 Byte [8B]
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!LoadLibraryExA 755F94B4 3 Bytes JMP 00EB0F9E
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!LoadLibraryExA + 4 755F94B8 1 Byte [8B]
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!LoadLibraryA 755F94DC 3 Bytes JMP 00EB0FB9
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!LoadLibraryA + 4 755F94E0 1 Byte [8B]
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!VirtualProtectEx 755FDBDA 3 Bytes JMP 00EB0F72
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!VirtualProtectEx + 4 755FDBDE 1 Byte [8B]
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00EB0F09
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00EB0FE5
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00EB0000
.text C:\Windows\system32\svchost.exe[1660] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 00EB00B1
.text C:\Windows\system32\svchost.exe[1660] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00110022
.text C:\Windows\system32\svchost.exe[1660] msvcrt.dll!system 7557804B 5 Bytes JMP 00110FA1
.text C:\Windows\system32\svchost.exe[1660] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00110FD7
.text C:\Windows\system32\svchost.exe[1660] msvcrt.dll!_open 7557D106 5 Bytes JMP 00110000
.text C:\Windows\system32\svchost.exe[1660] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00110FBC
.text C:\Windows\system32\svchost.exe[1660] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00110011
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00F00FCD
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00F00FDE
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00F00FEF
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00F0006F
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00F00094
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00F00025
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00F0000A
.text C:\Windows\system32\svchost.exe[1660] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00F00040
.text C:\Windows\system32\svchost.exe[1660] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00F10FEF
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 01600F5B
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 016000A1
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 016000CD
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreateProcessA 755D1C28 1 Byte [E9]
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 01600F2C
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 01600F87
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 01600022
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 01600033
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 01600090
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 01600055
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 01600FB3
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 01600FA2
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 01600044
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 01600F76
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 016000DE
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 01600011
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 01600000
.text C:\Windows\system32\svchost.exe[1868] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 016000B2
.text C:\Windows\system32\svchost.exe[1868] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00FB005D
.text C:\Windows\system32\svchost.exe[1868] msvcrt.dll!system 7557804B 5 Bytes JMP 00FB0038
.text C:\Windows\system32\svchost.exe[1868] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00FB0FC8
.text C:\Windows\system32\svchost.exe[1868] msvcrt.dll!_open 7557D106 5 Bytes JMP 00FB000C
.text C:\Windows\system32\svchost.exe[1868] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00FB0027
.text C:\Windows\system32\svchost.exe[1868] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00FB0FEF
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 01650F9B
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 01650FB6
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 01650000
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 0165003D
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 01650058
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 01650011
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 01650FE5
.text C:\Windows\system32\svchost.exe[1868] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 01650022
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 022000C9
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 02200F83
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 02200F61
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 022000EE
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 02200F9E
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 0220002F
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 02200040
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 022000AE
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 02200076
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 02200051
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 02200FB9
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 02200FD4
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 02200093
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 02200F3C
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 02200014
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 02200FEF
.text C:\Windows\Explorer.EXE[2120] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 02200F72
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 033C0054
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 033C0FB2
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 033C0FEF
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 033C0043
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 033C0FA1
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 033C0014
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 033C0FDE
.text C:\Windows\Explorer.EXE[2120] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 033C0FC3
.text C:\Windows\Explorer.EXE[2120] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 000E0FC8
.text C:\Windows\Explorer.EXE[2120] msvcrt.dll!system 7557804B 5 Bytes JMP 000E0049
.text C:\Windows\Explorer.EXE[2120] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 000E001D
.text C:\Windows\Explorer.EXE[2120] msvcrt.dll!_open 7557D106 5 Bytes JMP 000E0000
.text C:\Windows\Explorer.EXE[2120] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 000E0038
.text C:\Windows\Explorer.EXE[2120] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 000E0FE3
.text C:\Windows\Explorer.EXE[2120] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 033D0000
.text C:\Windows\Explorer.EXE[2120] WININET.dll!InternetOpenA 756DD690 5 Bytes JMP 03380000
.text C:\Windows\Explorer.EXE[2120] WININET.dll!InternetOpenW 756DDB09 5 Bytes JMP 03380011
.text C:\Windows\Explorer.EXE[2120] WININET.dll!InternetOpenUrlA 756DF3A4 5 Bytes JMP 03380022
.text C:\Windows\Explorer.EXE[2120] WININET.dll!InternetOpenUrlW 75726DDF 5 Bytes JMP 03380047
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00010F79
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00010F94
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00010F68
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 000100F5
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 000100A4
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00010036
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00010047
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00010FA5
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00010FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 0001006C
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 0001007D
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00010FDB
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 000100B5
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00010F57
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 0001001B
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 0001000A
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 000100E4
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00040FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00040047
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 0004000A
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 0004006C
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00040FAF
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00040036
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 0004001B
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00040FDB
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!CreateDialogParamW 75B772A2 5 Bytes JMP 6F68DA10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!GetAsyncKeyState 75B7863C 5 Bytes JMP 6F5A90DB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!SetWindowsHookExW 75B787AD 5 Bytes JMP 6F6897FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!CallNextHookEx 75B78E3B 5 Bytes JMP 6F67CE81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!UnhookWindowsHookEx 75B798DB 5 Bytes JMP 6F5F4620 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!EnableWindow 75B7CD8B 5 Bytes JMP 6F68D89D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!CreateWindowExW 75B81305 5 Bytes JMP 6F68D684 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!GetKeyState 75B88CB1 5 Bytes JMP 6F68CE4B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!IsDialogMessageW 75B90745 5 Bytes JMP 6F5B592F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!CreateDialogParamA 75B917AA 5 Bytes JMP 6F785084 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!IsDialogMessage 75B91847 5 Bytes JMP 6F784920 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!CreateDialogIndirectParamA 75B926F1 5 Bytes JMP 6F7850BB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!CreateDialogIndirectParamW 75B99A62 5 Bytes JMP 6F7850F2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!SetKeyboardState 75BA0987 5 Bytes JMP 6F784C8F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!DialogBoxParamW 75BA10B0 5 Bytes JMP 6F5B541D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!DialogBoxIndirectParamW 75BA2EF5 5 Bytes JMP 6F7843FF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!SendInput 75BA2F75 5 Bytes JMP 6F78584B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!EndDialog 75BA326E 5 Bytes JMP 6F5B7DD6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!SetCursorPos 75BB6FB2 5 Bytes JMP 6F78589F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!DialogBoxParamA 75BB8152 5 Bytes JMP 6F78439C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!DialogBoxIndirectParamA 75BB847D 5 Bytes JMP 6F784462 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!MessageBoxIndirectA 75BCD4D9 5 Bytes JMP 6F784331 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!MessageBoxIndirectW 75BCD5D3 5 Bytes JMP 6F7842C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!MessageBoxExA 75BCD639 5 Bytes JMP 6F784264 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!MessageBoxExW 75BCD65D 5 Bytes JMP 6F784202 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] USER32.dll!keybd_event 75BCD972 5 Bytes JMP 6F785BCF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00050F9A
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] msvcrt.dll!system 7557804B 5 Bytes JMP 00050FAB
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00050000
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] msvcrt.dll!_open 7557D106 5 Bytes JMP 00050FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 0005001B
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00050FC6
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] SHELL32.dll!SHRestricted + D95 76058988 4 Bytes [4D, 30, 85, 6B]
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] SHELL32.dll!SHRestricted + D9D 76058990 8 Bytes [57, 2F, 85, 6B, 9C, 5B, 84, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ole32.dll!OleLoadFromStream 75D01E12 5 Bytes JMP 6F784780 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ole32.dll!CoCreateInstance 75D39EA6 5 Bytes JMP 6F68D6E0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] WININET.dll!InternetOpenA 756DD690 5 Bytes JMP 00260000
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] WININET.dll!InternetOpenW 756DDB09 5 Bytes JMP 00260FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] WININET.dll!InternetOpenUrlA 756DF3A4 5 Bytes JMP 00260FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] WININET.dll!InternetOpenUrlW 75726DDF 5 Bytes JMP 00260025
.text C:\Program Files\Internet Explorer\iexplore.exe[2704] ws2_32.dll!socket 76FF36D1 5 Bytes JMP 00AF0000
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00830F2F
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00830F54
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00830F1E
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 008300AB
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00830F8A
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00830FD4
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 0083001B
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 0083007F
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00830062
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00830FAF
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00830051
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00830036
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00830F79
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 008300DA
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00830FE5
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00830000
.text C:\Windows\system32\svchost.exe[2816] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 0083009A
.text C:\Windows\system32\svchost.exe[2816] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00250053
.text C:\Windows\system32\svchost.exe[2816] msvcrt.dll!system 7557804B 5 Bytes JMP 00250FC8
.text C:\Windows\system32\svchost.exe[2816] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 0025001D
.text C:\Windows\system32\svchost.exe[2816] msvcrt.dll!_open 7557D106 5 Bytes JMP 00250FEF
.text C:\Windows\system32\svchost.exe[2816] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 0025002E
.text C:\Windows\system32\svchost.exe[2816] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 0025000C
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00840FA8
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00840FC3
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 0084000A
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 0084004A
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00840F83
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00840025
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00840FEF
.text C:\Windows\system32\svchost.exe[2816] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00840FD4
.text C:\Windows\system32\svchost.exe[2816] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 0089000A
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 000100A5
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 0001008A
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00010F3A
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 000100D1
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 0001004A
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 0001001B
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00010FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00010F55
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00010F70
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00010F9E
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00010F8D
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00010FB9
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 0001005B
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 000100EC
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00010000
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00010FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 000100B6
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00040F75
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00040FA1
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00040FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00040F90
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00040032
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00040FCD
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00040FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00040FB2
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!CreateDialogParamW 75B772A2 5 Bytes JMP 6F68DA10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!GetAsyncKeyState 75B7863C 5 Bytes JMP 6F5A90DB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!SetWindowsHookExW 75B787AD 5 Bytes JMP 6F6897FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!CallNextHookEx 75B78E3B 5 Bytes JMP 6F67CE81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!UnhookWindowsHookEx 75B798DB 5 Bytes JMP 6F5F4620 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!EnableWindow 75B7CD8B 5 Bytes JMP 6F68D89D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!CreateWindowExW 75B81305 5 Bytes JMP 6F68D684 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!GetKeyState 75B88CB1 5 Bytes JMP 6F68CE4B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!IsDialogMessageW 75B90745 5 Bytes JMP 6F5B592F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!CreateDialogParamA 75B917AA 5 Bytes JMP 6F785084 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!IsDialogMessage 75B91847 5 Bytes JMP 6F784920 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!CreateDialogIndirectParamA 75B926F1 5 Bytes JMP 6F7850BB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!CreateDialogIndirectParamW 75B99A62 5 Bytes JMP 6F7850F2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!SetKeyboardState 75BA0987 5 Bytes JMP 6F784C8F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!DialogBoxParamW 75BA10B0 5 Bytes JMP 6F5B541D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!DialogBoxIndirectParamW 75BA2EF5 5 Bytes JMP 6F7843FF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!SendInput 75BA2F75 5 Bytes JMP 6F78584B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!EndDialog 75BA326E 5 Bytes JMP 6F5B7DD6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!SetCursorPos 75BB6FB2 5 Bytes JMP 6F78589F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!DialogBoxParamA 75BB8152 5 Bytes JMP 6F78439C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!DialogBoxIndirectParamA 75BB847D 5 Bytes JMP 6F784462 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!MessageBoxIndirectA 75BCD4D9 5 Bytes JMP 6F784331 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!MessageBoxIndirectW 75BCD5D3 5 Bytes JMP 6F7842C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!MessageBoxExA 75BCD639 5 Bytes JMP 6F784264 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!MessageBoxExW 75BCD65D 5 Bytes JMP 6F784202 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] USER32.dll!keybd_event 75BCD972 5 Bytes JMP 6F785BCF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00050FC0
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] msvcrt.dll!system 7557804B 5 Bytes JMP 00050FD1
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 0005003A
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] msvcrt.dll!_open 7557D106 5 Bytes JMP 0005000C
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 0005004B
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 0005001D
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] SHELL32.dll!SHRestricted + D95 76058988 4 Bytes [4D, 30, 85, 6B]
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] SHELL32.dll!SHRestricted + D9D 76058990 8 Bytes [57, 2F, 85, 6B, 9C, 5B, 84, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ole32.dll!OleLoadFromStream 75D01E12 5 Bytes JMP 6F784780 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ole32.dll!CoCreateInstance 75D39EA6 5 Bytes JMP 6F68D6E0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] WININET.dll!InternetOpenA 756DD690 5 Bytes JMP 00390000
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] WININET.dll!InternetOpenW 756DDB09 5 Bytes JMP 00390011
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] WININET.dll!InternetOpenUrlA 756DF3A4 5 Bytes JMP 0039002C
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] WININET.dll!InternetOpenUrlW 75726DDF 5 Bytes JMP 00390FDB
.text C:\Program Files\Internet Explorer\iexplore.exe[3000] ws2_32.dll!socket 76FF36D1 5 Bytes JMP 00B00000
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 000100A1
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00010090
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 000100E8
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 000100D7
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00010F8A
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00010FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 0001001B
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00010F6F
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00010FA5
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00010047
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00010062
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00010036
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 0001007F
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 000100F9
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00010FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00010000
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 000100B2
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 0004005B
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!.

**mobileman1953** · 20-01-2010

second part
RegCreateKeyA 75C33BA9 5 Bytes JMP 00040025
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00040FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00040040
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00040F9E
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00040014
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00040FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00040FC3
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!CreateWindowExW 75B81305 5 Bytes JMP 6F68D684 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!DialogBoxParamW 75BA10B0 5 Bytes JMP 6F5B541D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!DialogBoxIndirectParamW 75BA2EF5 5 Bytes JMP 6F7843FF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!DialogBoxParamA 75BB8152 5 Bytes JMP 6F78439C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!DialogBoxIndirectParamA 75BB847D 5 Bytes JMP 6F784462 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!MessageBoxIndirectA 75BCD4D9 5 Bytes JMP 6F784331 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!MessageBoxIndirectW 75BCD5D3 5 Bytes JMP 6F7842C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!MessageBoxExA 75BCD639 5 Bytes JMP 6F784264 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] USER32.dll!MessageBoxExW 75BCD65D 5 Bytes JMP 6F784202 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00050042
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] msvcrt.dll!system 7557804B 5 Bytes JMP 00050FB7
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00050FC8
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] msvcrt.dll!_open 7557D106 5 Bytes JMP 00050FE3
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00050027
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 0005000C
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] WININET.dll!InternetOpenA 756DD690 5 Bytes JMP 001F0000
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] WININET.dll!InternetOpenW 756DDB09 5 Bytes JMP 001F0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] WININET.dll!InternetOpenUrlA 756DF3A4 5 Bytes JMP 001F001B
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] WININET.dll!InternetOpenUrlW 75726DDF 5 Bytes JMP 001F0036
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] WS2_32.dll!socket 76FF36D1 3 Bytes JMP 008B0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3168] WS2_32.dll!socket + 4 76FF36D5 1 Byte [89]
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 00DE00D5
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00DE0F99
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 00DE011C
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 00DE010B
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00DE008E
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00DE0036
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 00DE0FDB
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00DE00BA
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00DE007D
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00DE0FCA
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00DE006C
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00DE0051
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00DE00A9
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00DE012D
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00DE001B
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00DE000A
.text C:\Windows\system32\svchost.exe[3444] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 00DE00F0
.text C:\Windows\system32\svchost.exe[3444] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 00DD0049
.text C:\Windows\system32\svchost.exe[3444] msvcrt.dll!system 7557804B 5 Bytes JMP 00DD0FB4
.text C:\Windows\system32\svchost.exe[3444] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00DD002E
.text C:\Windows\system32\svchost.exe[3444] msvcrt.dll!_open 7557D106 5 Bytes JMP 00DD0000
.text C:\Windows\system32\svchost.exe[3444] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 00DD0FD9
.text C:\Windows\system32\svchost.exe[3444] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00DD0011
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00DF0FC0
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 00DF0047
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00DF000A
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00DF0062
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 00DF0087
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00DF0FE5
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00DF001B
.text C:\Windows\system32\svchost.exe[3444] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00DF002C
.text C:\Windows\system32\svchost.exe[3444] WS2_32.dll!socket 76FF36D1 5 Bytes JMP 00E00000
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!GetStartupInfoW 755D1929 5 Bytes JMP 000600AC
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!GetStartupInfoA 755D19C9 5 Bytes JMP 00060F5C
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!CreateProcessW 755D1BF3 5 Bytes JMP 000600F3
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!CreateProcessA 755D1C28 5 Bytes JMP 000600E2
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!VirtualProtect 755D1DC3 5 Bytes JMP 00060F88
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!CreateNamedPipeA 755D2EF5 5 Bytes JMP 00060FB9
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!CreateNamedPipeW 755D5C0C 5 Bytes JMP 0006000A
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!CreatePipe 755F8E6E 5 Bytes JMP 00060087
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!LoadLibraryExW 755F9109 5 Bytes JMP 00060062
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!LoadLibraryW 755F9362 5 Bytes JMP 00060036
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!LoadLibraryExA 755F94B4 5 Bytes JMP 00060051
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!LoadLibraryA 755F94DC 5 Bytes JMP 00060025
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!VirtualProtectEx 755FDBDA 5 Bytes JMP 00060F77
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!GetProcAddress 7561903B 5 Bytes JMP 00060104
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!CreateFileW 7561AECB 5 Bytes JMP 00060FD4
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!CreateFileA 7561CE5F 5 Bytes JMP 00060FEF
.text C:\Windows\System32\svchost.exe[3480] kernel32.dll!WinExec 75665CF7 5 Bytes JMP 000600BD
.text C:\Windows\System32\svchost.exe[3480] msvcrt.dll!_wsystem 75577F2F 5 Bytes JMP 0005004E
.text C:\Windows\System32\svchost.exe[3480] msvcrt.dll!system 7557804B 5 Bytes JMP 0005003D
.text C:\Windows\System32\svchost.exe[3480] msvcrt.dll!_creat 7557BBE1 5 Bytes JMP 00050FD7
.text C:\Windows\System32\svchost.exe[3480] msvcrt.dll!_open 7557D106 5 Bytes JMP 00050000
.text C:\Windows\System32\svchost.exe[3480] msvcrt.dll!_wcreat 7557D326 5 Bytes JMP 0005002C
.text C:\Windows\System32\svchost.exe[3480] msvcrt.dll!_wopen 7557D501 5 Bytes JMP 00050011
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegCreateKeyExA 75C339AB 5 Bytes JMP 00070036
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegCreateKeyA 75C33BA9 5 Bytes JMP 0007001B
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegOpenKeyA 75C389C7 5 Bytes JMP 00070000
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegCreateKeyW 75C4391E 5 Bytes JMP 00070F94
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegCreateKeyExW 75C441F1 5 Bytes JMP 0007005B
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegOpenKeyExA 75C47C42 5 Bytes JMP 00070FCA
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegOpenKeyW 75C4E2B5 5 Bytes JMP 00070FDB
.text C:\Windows\System32\svchost.exe[3480] ADVAPI32.dll!RegOpenKeyExW 75C57BA1 5 Bytes JMP 00070FB9

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\a-squared Free\a2service.exe[380] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [00454AB4] C:\Program Files\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
IAT C:\Program Files\a-squared Free\a2service.exe[380] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [00454AB4] C:\Program Files\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6B83E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6B840994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6B841D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6B83DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6B83D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6B84FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [6B85051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6B84EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [6B84F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [6B84EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6B84E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [6B84ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6B83E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [6B842CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [6B842926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [6B83BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [6B84173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [6B83BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [6B840F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [6B8414E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [6B83ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [6B841D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [6B83C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [6B84103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [6B840994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [6B841614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [6B840921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [6B83A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [6B83E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6B840C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6B83DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6B83D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6B83D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6B83C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6B83BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6B83E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6B842CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6B842926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6B8423A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6B83BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [6B83FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [6B83F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [6B84ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6B84E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [6B84EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6B84F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6B84E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6B84E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6B84EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [6B85020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [6B84F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [6B84EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6B84FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [6B84F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [6B85051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [6B84FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [6B850085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [6B850395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [6B84FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [6B84F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6B83CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6B840C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6B83D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6B83D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6B83DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6B83EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6B841D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6B83E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6B83CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6B840994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6B83C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [6B83BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6B83CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6B83D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [6B841614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [6B84103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6B83C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6B8409B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [6B83C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [6B83C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [6B83C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6B83F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6B83FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6B83F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6B8465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6B84620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6B847595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6B8460AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6B84615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6B8475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6B846533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6B84799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6B84684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6B846E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6B846AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6B846B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6B847281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6B846716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6B8471ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6B847021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6B847FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6B847159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6B8468E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [6B846BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6B846803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6B846F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6B8463A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6B8480BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6B848513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6B848176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6B847BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6B848235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6B84697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6B846DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6B846D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6B84731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6B846EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6B846C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6B846AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6B8478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6B8463F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6B8476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6B848732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6B84777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6B847831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6B84667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6B847636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6B83BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [6B83C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6B83C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6B848235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6B8481D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6B8472CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6B8475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6B8476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6B8465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6B84788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6B8486D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6B8478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6B848732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\.

**mobileman1953** · 20-01-2010

third part
system32\WININET.dll [SHLWAPI.dll!PathCombineW] [6B846533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2704] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6B83E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6B840994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6B841D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6B83DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6B83D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6B84FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [6B85051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6B84EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [6B84F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [6B84EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6B84E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [6B84ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6B83E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [6B842CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [6B842926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [6B83BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [6B84173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [6B83BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [6B840F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [6B8414E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [6B83ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [6B841D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [6B83C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [6B84103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [6B840994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [6B841614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [6B840921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [6B83A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [6B83E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6B840C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6B83DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6B83D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6B83D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6B83C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6B83BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6B83E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6B842CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6B842926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6B8423A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6B83BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [6B83FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [6B83F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [6B84ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6B84E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [6B84EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6B84F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6B84E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6B84E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6B84EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [6B85020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [6B84F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [6B84EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6B84FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [6B84F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [6B85051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [6B84FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [6B850085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [6B850395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [6B84FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [6B84F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6B83CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [6B842999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6B840C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6B83D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6B83D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6B83DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6B83EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6B841D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\.

**mobileman1953** · 20-01-2010

system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6B83E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6B83CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6B840994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6B83C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [6B83BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6B83CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6B83D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [6B841614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [6B84103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6B83C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6B8409B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [6B83C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [6B83C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [6B83C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6B83F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6B83FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6B83F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6B8465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6B84620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6B847595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6B8460AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6B84615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6B8475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6B846533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6B84799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6B84684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6B846E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6B846AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6B846B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6B847281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6B846716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6B8471ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6B847021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6B847FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6B847159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6B8468E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [6B846BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6B846803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6B846F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6B8463A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6B8480BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6B848513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6B848176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6B847BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6B848235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6B84697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6B846DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6B846D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6B84731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6B846EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6B846C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6B846AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6B8478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6B8463F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6B8476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6B848732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6B84777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6B847831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6B84667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6B847636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6B83BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [6B843ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [6B843035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6B84007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [6B841AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [6B83A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6B83EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [6B83C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6B83C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6B83E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6B83FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6B83BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6B83FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6B848235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6B8481D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6B8472CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6B8475E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6B8476D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6B8465DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6B84788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6B8486D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6B8478EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6B848732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [6B846533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3000] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6B8382F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

---- EOF - GMER 1.0.15 ----
.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:48:40, on 20/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WScript.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = The Sun | The Best for News, Sport, Showbiz, Celebrities & TV | The Sun| The Sun
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Start Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, News, Sport, Music, Movies, Money, Cars, Shopping, Windows Live from MSN UK
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8337 bytes

thanks

**broni** · 20-01-2010

1. Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

2. Go to Kaspersky website and perform an online antivirus scan.

1. Disable your active antivirus program.
2. Read through the requirements and privacy statement and click on Accept button.
3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
4. When the downloads have finished, click on Settings.
5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

Spyware, Adware, Dialers, and other potentially dangerous programs

Archives

Mail databases

6. Click on My Computer under Scan.
7. Once the scan is complete, it will display the results. Click on View Scan Report.
8. You will see a list of infected items there. Click on Save Report As....
9. Save this report to a convenient place. Change the Files of type to Text file (.txt before clicking on the Save button. Then post it here.

trojan problem

trojan problem

Similar Threads

[RESOLVED] Trojan problem

[RESOLVED] Trojan problem

[RESOLVED] Trojan Problem.

Trojan Problem.

Trojan problem!