GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-06-06 06:42:24 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 WDC_WD3200AAJS-60Z0A0 rev.03.03E03 Running: gmer.exe; Driver: C:\Users\Joanna\AppData\Local\Temp\pxldypow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x82A12FEC] SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [82A12FEC] ZwCreateKey [0x82A12FEC] SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x82A12FF1] SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [82A12FF1] ZwOpenKey [0x82A12FF1] INT 0x03 \SystemRoot\system32\ntkrnlpa.exe[unknown section] 82A12FF6 ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82A503C9 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82A89D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 11BF 82A90E74 3 Bytes [EC, 2F, A1] .text ntkrnlpa.exe!KeRemoveQueueEx + 137F 82A91034 3 Bytes [F1, 2F, A1] .text C:\Windows\system32\DRIVERS\aksfridge.sys section is writeable [0x92396000, 0x48E1C, 0xE0000020] .init C:\Windows\system32\DRIVERS\aksfridge.sys entry point in ".init" section [0x923EC224] .init C:\Windows\system32\DRIVERS\aksfridge.sys unknown last code section [0x923EC000, 0x4000, 0xE20000E0] .text C:\Windows\system32\drivers\hardlock.sys section is writeable [0x9B80D400, 0x6EB98, 0xE8000020] .protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0x9B897C20] C:\Windows\system32\drivers\hardlock.sys entry point in ".protect˙˙˙˙hardlockentry point in ".protect˙˙˙˙hardlockentry point in ".p" section [0x9B897C20] .protect˙˙˙˙hardlockunknown last code section [0x9B897A00, 0x50CA, 0xE0000020] C:\Windows\system32\drivers\hardlock.sys unknown last code section [0x9B897A00, 0x50CA, 0xE0000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!EnableWindow 773A8D02 5 Bytes JMP 6E899A14 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!DialogBoxParamW 773C3B9B 5 Bytes JMP 6E7F170B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!DialogBoxIndirectParamW 773D3B7F 5 Bytes JMP 6E9E640E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!DialogBoxParamA 773ECF42 5 Bytes JMP 6E9E63A9 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!DialogBoxIndirectParamA 773ED274 5 Bytes JMP 6E9E6473 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!MessageBoxIndirectA 773FE869 5 Bytes JMP 6E9E6330 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!MessageBoxIndirectW 773FE963 5 Bytes JMP 6E9E62B7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!MessageBoxExA 773FE9C9 5 Bytes JMP 6E9E6253 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3808] USER32.dll!MessageBoxExW 773FE9ED 5 Bytes JMP 6E9E61EF C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] kernel32.dll!CreateThread 762CDCC2 5 Bytes JMP 6E8572FB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!EnableWindow 773A8D02 5 Bytes JMP 6E899A14 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!GetAsyncKeyState 773AA256 5 Bytes JMP 6E83DD9D C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!CallNextHookEx 773AABE1 5 Bytes JMP 6E8B7BB7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!UnhookWindowsHookEx 773AADF9 5 Bytes JMP 6E8DEB10 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!DefWindowProcA 773ABB1C 7 Bytes JMP 6E859525 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!CreateWindowExA 773ABF40 5 Bytes JMP 6E86335B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!SetWindowsHookExW 773AE30C 5 Bytes JMP 6E892194 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!CreateWindowExW 773AEC7C 5 Bytes JMP 6E8BFF8F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!GetKeyState 773B2B4D 5 Bytes JMP 6E83DC73 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!IsDialogMessageW 773B4104 5 Bytes JMP 6E9E6EDD C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!DefWindowProcW 773B507D 7 Bytes JMP 6E8B7C1A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!CreateDialogParamA 773C1F42 5 Bytes JMP 6E9E6740 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!IsDialogMessage 773C2019 5 Bytes JMP 6E9E6EB5 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!DialogBoxParamW 773C3B9B 5 Bytes JMP 6E7F170B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!CreateDialogIndirectParamA 773C721D 5 Bytes JMP 6E9E67B0 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!CreateDialogIndirectParamW 773CEA10 5 Bytes JMP 6E9E67E8 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!DialogBoxIndirectParamW 773D3B7F 5 Bytes JMP 6E9E640E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!EndDialog 773D3BA3 5 Bytes JMP 6E9E7189 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!CreateDialogParamW 773D5630 5 Bytes JMP 6E9E6778 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!SetKeyboardState 773D695A 5 Bytes JMP 6E9E77A5 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!SendInput 773D7019 5 Bytes JMP 6E9E774D C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!SetCursorPos 773EC1B0 5 Bytes JMP 6E9E7826 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!DialogBoxParamA 773ECF42 5 Bytes JMP 6E9E63A9 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!DialogBoxIndirectParamA 773ED274 5 Bytes JMP 6E9E6473 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!MessageBoxIndirectA 773FE869 5 Bytes JMP 6E9E6330 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!MessageBoxIndirectW 773FE963 5 Bytes JMP 6E9E62B7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!MessageBoxExA 773FE9C9 5 Bytes JMP 6E9E6253 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!MessageBoxExW 773FE9ED 5 Bytes JMP 6E9E61EF C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] USER32.dll!keybd_event 773FEC3B 5 Bytes JMP 6E9E770A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3860] SHELL32.dll!RealDriveType + 173D 7668FDD0 4 Bytes [CF, 01, 52, 72] {IRET ; ADD [EDX+0x72], EDX} .text C:\Program Files\Internet Explorer\iexplore.exe[3860] SHELL32.dll!RealDriveType + 1745 7668FDD8 8 Bytes [E0, 61, 51, 72, 79, F7, 51, ...] {LOOPNZ 0x63; PUSH ECX; JB 0x7e; NOT DWORD [ECX+0x72]} .text C:\Program Files\Internet Explorer\iexplore.exe[3860] ole32.dll!OleLoadFromStream 77246143 5 Bytes JMP 6E9E6BE7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [725147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [7252029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [72515EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [72527F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [7252F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [7252F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [725307CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [7252FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [72515E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7252ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [725147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [72514E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [725163E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7252B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [72516D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [7252BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [7252C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [7252029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [72514E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [72515EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [725147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [725163E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [72514E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [7252C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [7252E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [7252AA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [7252ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [7252B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [72516D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [72515EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [7252FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [725307CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [7252939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [725163E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [7252029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [72515F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [72529229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [7251F1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [725147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [72515E4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [72520ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [7252F2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [7252F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [7253072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [7252F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [72531542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [72531C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [7251FA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [72531191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [7251F725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [7251FB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [72531095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [72531F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [725312D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [72530DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [72520178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [72531B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [7253194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [72531233] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [7251F86E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [7251F472] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [725327C3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [7253136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [72531284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [72530F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [72532769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [7251F9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [72532937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [72517430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [7251F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [7251E265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [72515D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [7253140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [72531590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [72531F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [72520123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [7253218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [72531BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [7251FACB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [725319EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [7251FC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [725320D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [72532B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [72532028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [72530F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [72514927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [72530D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [7251FA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [725318A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [72531CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [7253171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [725317B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [72514984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [72528C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [7252CB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [7252D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [7252D11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [72516D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [7252C49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7252B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [7252B245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [7252A89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [7252E0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [72514E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7252ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [7252A249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [72529AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [7252E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [7252E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [72529F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [7252BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [7252A56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [72514E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [72516D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [7251F6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [72531F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [72532028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [72532B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [72532B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [72520178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA] [725164C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [72514CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [72514927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [72514984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [72516528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [725147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [725147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3860] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [725147BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \Driver\ACPI_HAL \Device\00000045 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\partmgr \Device\PartmgrControl aksfridge.sys (Ancillary Function Driver/SafeNet Inc.) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\TrustedInstaller@Start 3 ---- Files - GMER 1.0.15 ---- File C:\Windows\Temp\TMP0000B6418ECE2FE656B9DF8A 0 bytes ---- EOF - GMER 1.0.15 ----