GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-11-29 12:20:54 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3250820AS rev.3.AAE Running: oh4g5bwl.exe; Driver: C:\Users\krata\AppData\Local\Temp\ugloqpow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x8C688392] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8C6A324A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8C6A3580] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8C6A38F6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8C688E0C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8C6A2F32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8C68937E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8C68926C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8C6A33F0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8C68814E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8C689496] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x8C6889C2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x8C688B32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x8C6895AE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8C6A34B8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x8C689856] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x8C688E4E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x8C68A858] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x8C689948] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x8C689EB4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwNotifyChangeKey [0x8C6A1722] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8C689410] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8C6892F8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x8C6885CC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8C689C98] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8C689528] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x8C6884C0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8C689664] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryObject [0x8C6A191A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x8C68A1DA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x8C689AE8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8C6A36E4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8C6A3632] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x8C6A3750] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x8C68A6FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8C6A30BA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x8C688CAC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8C689702] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x8C68A32A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x8C68A41E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x8C68A558] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x8C689778] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x8C68876C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x8C6886C2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x8C68A092] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x8C688858] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 83456A49 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 834904D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 8349750C 4 Bytes [92, 83, 68, 8C] .text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 83497534 8 Bytes [4A, 32, 6A, 8C, 80, 35, 6A, ...] .text ntkrnlpa.exe!KeRemoveQueueEx + 1143 83497578 4 Bytes [F6, 38, 6A, 8C] {IDIV BYTE [EAX]; PUSH -0x74} .text ntkrnlpa.exe!KeRemoveQueueEx + 116F 834975A4 4 Bytes [0C, 8E, 68, 8C] .text ntkrnlpa.exe!KeRemoveQueueEx + 1193 834975C8 1 Byte [32] .text ... .sptd1 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd1" section [0x8478BB2E] PAGE PCIIDEX.SYS!DllUnload 885AA606 5 Bytes JMP 8575A1C8 PAGE ataport.SYS!DllUnload + 1 83BF2AD7 4 Bytes JMP 857561C9 .text USBPORT.SYS!DllUnload 968C5DB9 5 Bytes JMP 86850410 .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9C883000, 0xBB22, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9C897300, 0x1BEE, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!CreateWindowExW 76B5EC7C 5 Bytes JMP 6F4538A4 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!DialogBoxParamW 76B73B9B 5 Bytes JMP 6F387F51 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!DialogBoxIndirectParamW 76B83B7F 5 Bytes JMP 6F58FF58 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!DialogBoxParamA 76B9CF42 5 Bytes JMP 6F58FEF5 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!DialogBoxIndirectParamA 76B9D274 5 Bytes JMP 6F58FFBE C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!MessageBoxIndirectA 76BAE869 5 Bytes JMP 6F58FE8A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!MessageBoxIndirectW 76BAE963 5 Bytes JMP 6F58FE1F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!MessageBoxExA 76BAE9C9 5 Bytes JMP 6F58FDBD C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2600] USER32.dll!MessageBoxExW 76BAE9ED 5 Bytes JMP 6F58FD5B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!EnableWindow 76B58D02 5 Bytes JMP 6F37A845 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!GetAsyncKeyState 76B5A256 5 Bytes JMP 6F37B1F2 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!CallNextHookEx 76B5ABE1 5 Bytes JMP 6F3C3CA7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!UnhookWindowsHookEx 76B5ADF9 5 Bytes JMP 6F47D937 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!SetWindowsHookExW 76B5E30C 3 Bytes JMP 6F417DE1 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!SetWindowsHookExW + 4 76B5E310 1 Byte [F8] .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!CreateWindowExW 76B5EC7C 5 Bytes JMP 6F4538A4 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!GetKeyState 76B62B4D 1 Byte [E9] .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!GetKeyState 76B62B4D 5 Bytes JMP 6F380F51 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!IsDialogMessageW 76B64104 5 Bytes JMP 6F37AD9E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!CreateDialogParamA 76B71F42 5 Bytes JMP 6F590BCF C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!IsDialogMessage 76B72019 5 Bytes JMP 6F590409 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!DialogBoxParamW 76B73B9B 5 Bytes JMP 6F387F51 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!CreateDialogIndirectParamA 76B7721D 5 Bytes JMP 6F590C3D C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!CreateDialogIndirectParamW 76B7EA10 5 Bytes JMP 6F590C74 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!DialogBoxIndirectParamW 76B83B7F 5 Bytes JMP 6F58FF58 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!EndDialog 76B83BA3 5 Bytes JMP 6F37AFF0 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!CreateDialogParamW 76B85630 5 Bytes JMP 6F590C06 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!SetKeyboardState 76B8695A 5 Bytes JMP 6F59076E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!SendInput 76B87019 5 Bytes JMP 6F591394 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!SetCursorPos 76B9C1B0 5 Bytes JMP 6F5913EC C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!DialogBoxParamA 76B9CF42 5 Bytes JMP 6F58FEF5 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!DialogBoxIndirectParamA 76B9D274 5 Bytes JMP 6F58FFBE C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!MessageBoxIndirectA 76BAE869 5 Bytes JMP 6F58FE8A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!MessageBoxIndirectW 76BAE963 5 Bytes JMP 6F58FE1F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!MessageBoxExA 76BAE9C9 5 Bytes JMP 6F58FDBD C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!MessageBoxExW 76BAE9ED 5 Bytes JMP 6F58FD5B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] USER32.dll!keybd_event 76BAEC3B 5 Bytes JMP 6F59171F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] SHELL32.dll!RealDriveType + 173D 7701FE30 4 Bytes [A5, 35, AD, 73] .text C:\Program Files\Internet Explorer\iexplore.exe[3156] SHELL32.dll!RealDriveType + 1745 7701FE38 8 Bytes [F3, 34, AD, 73, 17, 73, AC, ...] .text C:\Program Files\Internet Explorer\iexplore.exe[3156] ole32.dll!OleLoadFromStream 768B6143 5 Bytes JMP 6F5902AE C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3156] ole32.dll!CoCreateInstance 768F9D0B 5 Bytes JMP 6F453432 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!EnableWindow 76B58D02 5 Bytes JMP 6F37A845 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!GetAsyncKeyState 76B5A256 5 Bytes JMP 6F37B1F2 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!CallNextHookEx 76B5ABE1 5 Bytes JMP 6F3C3CA7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!UnhookWindowsHookEx 76B5ADF9 5 Bytes JMP 6F47D937 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!SetWindowsHookExW 76B5E30C 3 Bytes JMP 6F417DE1 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!SetWindowsHookExW + 4 76B5E310 1 Byte [F8] .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!CreateWindowExW 76B5EC7C 5 Bytes JMP 6F4538A4 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!GetKeyState 76B62B4D 1 Byte [E9] .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!GetKeyState 76B62B4D 5 Bytes JMP 6F380F51 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!IsDialogMessageW 76B64104 5 Bytes JMP 6F37AD9E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!CreateDialogParamA 76B71F42 5 Bytes JMP 6F590BCF C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!IsDialogMessage 76B72019 5 Bytes JMP 6F590409 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!DialogBoxParamW 76B73B9B 5 Bytes JMP 6F387F51 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!CreateDialogIndirectParamA 76B7721D 5 Bytes JMP 6F590C3D C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!CreateDialogIndirectParamW 76B7EA10 5 Bytes JMP 6F590C74 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!DialogBoxIndirectParamW 76B83B7F 5 Bytes JMP 6F58FF58 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!EndDialog 76B83BA3 5 Bytes JMP 6F37AFF0 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!CreateDialogParamW 76B85630 5 Bytes JMP 6F590C06 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!SetKeyboardState 76B8695A 5 Bytes JMP 6F59076E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!SendInput 76B87019 5 Bytes JMP 6F591394 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!SetCursorPos 76B9C1B0 5 Bytes JMP 6F5913EC C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!DialogBoxParamA 76B9CF42 5 Bytes JMP 6F58FEF5 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!DialogBoxIndirectParamA 76B9D274 5 Bytes JMP 6F58FFBE C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!MessageBoxIndirectA 76BAE869 5 Bytes JMP 6F58FE8A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!MessageBoxIndirectW 76BAE963 5 Bytes JMP 6F58FE1F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!MessageBoxExA 76BAE9C9 5 Bytes JMP 6F58FDBD C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!MessageBoxExW 76BAE9ED 5 Bytes JMP 6F58FD5B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] USER32.dll!keybd_event 76BAEC3B 5 Bytes JMP 6F59171F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] SHELL32.dll!RealDriveType + 173D 7701FE30 4 Bytes [A5, 35, AD, 73] .text C:\Program Files\Internet Explorer\iexplore.exe[3728] SHELL32.dll!RealDriveType + 1745 7701FE38 8 Bytes [F3, 34, AD, 73, 17, 73, AC, ...] .text C:\Program Files\Internet Explorer\iexplore.exe[3728] ole32.dll!OleLoadFromStream 768B6143 5 Bytes JMP 6F5902AE C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3728] ole32.dll!CoCreateInstance 768F9D0B 5 Bytes JMP 6F453432 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [84696730] \SystemRoot\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [84696F12] \SystemRoot\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [84697232] \SystemRoot\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [846970F0] \SystemRoot\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [84696914] \SystemRoot\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74A424CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74A2562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74A256EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74A42546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74A385AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74A34D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74A35105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74A351DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74A36707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74A38301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74A38850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74A390B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74A3E254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1576] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74A34C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2220] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75E1FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2220] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75E1FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2220] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75E1FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2220] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75E1FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2220] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75E1FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2220] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75E1FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [73AC3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [73AC1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [73ABC028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [73AC3B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [73AC5870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [73AC4731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [73AC4DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [73AC1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [73ABF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [73AC06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [73ABFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [73AC0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [73AC0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [73AC3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [73AC1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [73AC06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [73AC0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [73AC2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [73ABF1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [73ABF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [73ABFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [73AC1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [73AC4DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [73AC4731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [73ABDF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [73AC06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [73AC3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [73ABDCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [73ABDE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [73AC0571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [73AC1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [73ABDBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [73AC417A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [73AC5870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [73AC46BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [73AC4A6A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [73AC814E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [73AC88D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [73AC8498] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [73AC7D69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [73AC8BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [73AC8FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [73AC7B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [73AC8C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [73AC7EA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [73AC785E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [73AC7C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [73AC87AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [73AC85D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [73AC7E07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [73AC9AAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [73AC94A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [73AC98E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [73AC7F3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [73AC7E56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [73AC79F8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [73AC9710] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [73AC7AE5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [73AC9B66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [73AC97C9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [73AC7701] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [73AC9611] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [73AC8102] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [73AC7FD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [73AC819A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [73AC8C89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [73AC7CCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [73AC8E84] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [73AC8840] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [73AC993E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [73AC8674] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [73AC91F7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [73AC8DD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [73AC9D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [73AC8D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [73AC7A47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [73AC8F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [73AC77AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [73AC82D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [73AC8530] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [73AC8972] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [73AC8368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [73AC8400] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [73AC9888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [73ABD9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [73AC0F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [73AC1904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [73AC141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [73AC09C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [73ABFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [73ABF834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [73ABF084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [73AC27FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [73ABF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [73ABEB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [73ABE563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [73AC2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [73AC27DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [73ABE901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [73AC0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [73ABEE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [73AC9888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [73AC982A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [73AC8920] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [73AC8C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [73AC8D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [73AC7C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [73AC8EE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [73AC9D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [73AC8F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [73AC9D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [73AC7B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3156] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [73AC3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [73AC1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [73ABC028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [73AC3B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [73AC5870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [73AC4731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [73AC4DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [73AC1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [73ABF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [73AC06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [73ABFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [73AC0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [73AC0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [73AC3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [73AC1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [73AC06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [73AC0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [73AC2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [73ABF1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [73ABF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [73ABFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [73AC1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [73AC4DCC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [73AC4731] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [73ABDF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [73AC06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [73AC3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [73ABDCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [73ABDE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [73AC0571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [73AC1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [73ABDBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [73AC417A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [73AC5870] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [73AC46BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [73AC4A6A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [73AC814E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [73AC88D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [73AC8498] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [73AC7D69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [73AC8BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [73AC8FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [73AC7B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [73AC8C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [73AC7EA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [73AC785E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [73AC7C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [73AC87AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [73AC85D4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [73AC7E07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [73AC9AAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [73AC94A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [73AC98E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [73AC7F3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [73AC7E56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [73AC79F8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [73AC9710] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [73AC7AE5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [73AC9B66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [73AC97C9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [73AC7701] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [73AC9611] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [73AC8102] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [73AC7FD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [73AC819A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [73AC8C89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [73AC7CCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [73AC8E84] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [73AC8840] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [73AC993E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [73AC8674] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [73AC91F7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [73AC8DD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [73AC9D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [73AC8D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [73AC7A47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [73AC8F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [73AC77AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [73AC82D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [73AC8530] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [73AC8972] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [73AC8368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [73AC8400] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [73AC9888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [73ABD9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [73AC0F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [73AC1904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [73AC141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [73AC09C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [73ABFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [73ABF834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [73ABF084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [73AC27FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [73ABF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [73ABEB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [73ABE563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [73AC2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [73AC27DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [73ABE901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [73AC0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [73ABEE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [73AC1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [73AC1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [73AC9888] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [73AC982A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [73AC8920] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [73AC8C3A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [73AC8D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [73AC7C2D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [73AC8EE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [73AC9D2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [73AC8F3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [73AC9D85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [73AC7B86] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3728] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [73AB9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8575E1E8 Device \FileSystem\fastfat \FatCdrom 86001430 Device \Driver\usbuhci \Device\USBPDO-0 867A31E8 Device \Driver\usbuhci \Device\USBPDO-1 867A31E8 Device \Driver\ACPI_HAL \Device\00000052 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-2 867A31E8 Device \Driver\usbuhci \Device\USBPDO-3 867A31E8 Device \Driver\usbehci \Device\USBPDO-4 86854430 AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) Device \Driver\cdrom \Device\CdRom0 866621E8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8575C1E8 Device \Driver\atapi \Device\Ide\IdePort0 8575C1E8 Device \Driver\atapi \Device\Ide\IdePort1 8575C1E8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 8575C1E8 Device \Driver\NetBT \Device\NetBt_Wins_Export 86684430 Device \Driver\NetBT \Device\NetBT_Tcpip_{CE2B762A-254A-4795-AB51-A5FC64205F10} 86684430 AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) Device \Driver\usbuhci \Device\USBFDO-0 867A31E8 Device \Driver\usbuhci \Device\USBFDO-1 867A31E8 Device \Driver\usbuhci \Device\USBFDO-2 867A31E8 Device \Driver\usbuhci \Device\USBFDO-3 867A31E8 Device \Driver\usbehci \Device\USBFDO-4 86854430 Device \FileSystem\fastfat \Fat 86001430 AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs 879581E8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x2F 0x75 0x45 0xEB ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDE 0x98 0x53 0x8B ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x2F 0x75 0x45 0xEB ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDE 0x98 0x53 0x8B ... ---- EOF - GMER 1.0.15 ----