GMER 1.0.15.15570 - http://www.gmer.net Rootkit scan 2011-03-24 16:42:40 Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK2555GSX rev.FG001M Running: 5f88t47f.exe; Driver: C:\Users\Marta\AppData\Local\Temp\pgrdykod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x8EC4B9CA] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x8F894A68] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x8EC4DEAC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x8EC4DF04] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x8EC4E01A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x8EC4DE02] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0x8EC4DF54] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x8EC4DE56] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x8EC4DFC8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x8EC4B9EE] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x8F894B18] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0x8EC4B7B8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x8EC4BA12] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x8EC4E412] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x8EC4C4AA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x8EC4DEDC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x8EC4DF2C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x8EC4E044] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x8EC4DE2E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x8EC4DF94] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x8EC4DE84] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x8EC4DFF2] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x8F894BB0] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x8EC4C370] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x8EC4BA36] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x8EC4BA5A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x8EC4B812] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x8EC4B94E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x8EC4B92A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x8EC4B972] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x8EC4BA7E] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8F8A98DE] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 82C7F589 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CA4092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!RtlSidHashLookup + 214 82CAB824 4 Bytes [CA, B9, C4, 8E] .text ntkrnlpa.exe!RtlSidHashLookup + 23C 82CAB84C 4 Bytes [68, 4A, 89, 8F] .text ntkrnlpa.exe!RtlSidHashLookup + 2F0 82CAB900 8 Bytes [AC, DE, C4, 8E, 04, DF, C4, ...] .text ntkrnlpa.exe!RtlSidHashLookup + 2FC 82CAB90C 4 Bytes CALL 47AAD393 .text ntkrnlpa.exe!RtlSidHashLookup + 318 82CAB928 4 Bytes [02, DE, C4, 8E] .text ... PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82E452CB 5 Bytes JMP 8F8A529E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject + 27 82E5F003 5 Bytes JMP 8F8A6D50 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82EA95CA 4 Bytes CALL 8EC4CE3B \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82EB16A5 4 Bytes CALL 8EC4CE51 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 82F172F4 7 Bytes JMP 8F8A98E2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[236] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[236] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[236] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00220120 .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[236] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0022006C .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[236] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002200E4 .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[236] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00220030 .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[236] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002200A8 .text C:\Program[300] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Program[300] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Program[300] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00110120 .text C:\Program[300] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0011006C .text C:\Program[300] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001100E4 .text C:\Program[300] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00110030 .text C:\Program[300] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001100A8 .text C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe[332] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe[332] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe[332] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00300120 .text C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe[332] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0030006C .text C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe[332] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 003000E4 .text C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe[332] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00300030 .text C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe[332] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 003000A8 .text C:\Windows\system32\wininit.exe[432] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0003006C .text C:\Windows\system32\wininit.exe[432] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00030030 .text C:\Windows\system32\wininit.exe[432] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000C0120 .text C:\Windows\system32\wininit.exe[432] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000C006C .text C:\Windows\system32\wininit.exe[432] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000C00E4 .text C:\Windows\system32\wininit.exe[432] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000C0030 .text C:\Windows\system32\wininit.exe[432] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000C00A8 .text C:\Windows\system32\services.exe[488] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\services.exe[488] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\winlogon.exe[528] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0003006C .text C:\Windows\system32\winlogon.exe[528] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00030030 .text C:\Windows\system32\winlogon.exe[528] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000C0120 .text C:\Windows\system32\winlogon.exe[528] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000C006C .text C:\Windows\system32\winlogon.exe[528] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000C00E4 .text C:\Windows\system32\winlogon.exe[528] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000C0030 .text C:\Windows\system32\winlogon.exe[528] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000C00A8 .text C:\Windows\system32\lsass.exe[540] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\lsass.exe[540] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\lsass.exe[540] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00210120 .text C:\Windows\system32\lsass.exe[540] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0021006C .text C:\Windows\system32\lsass.exe[540] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002100E4 .text C:\Windows\system32\lsass.exe[540] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00210030 .text C:\Windows\system32\lsass.exe[540] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002100A8 .text C:\Windows\system32\lsm.exe[548] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\lsm.exe[548] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\svchost.exe[664] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 000A006C .text C:\Windows\system32\svchost.exe[664] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 000A0030 .text C:\Windows\system32\svchost.exe[800] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\svchost.exe[800] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\System32\svchost.exe[848] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 000A006C .text C:\Windows\System32\svchost.exe[848] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 000A0030 .text C:\Windows\System32\svchost.exe[848] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00550120 .text C:\Windows\System32\svchost.exe[848] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0055006C .text C:\Windows\System32\svchost.exe[848] USER32.dll!SetWindowsHookExW 75C9210A 3 Bytes JMP 005500E4 .text C:\Windows\System32\svchost.exe[848] USER32.dll!SetWindowsHookExW + 4 75C9210E 1 Byte [8A] .text C:\Windows\System32\svchost.exe[848] USER32.dll!SetWinEventHook 75C9507E 3 Bytes JMP 00550030 .text C:\Windows\System32\svchost.exe[848] USER32.dll!SetWinEventHook + 4 75C95082 1 Byte [8A] .text C:\Windows\System32\svchost.exe[848] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 005500A8 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[880] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0005006C .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[880] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00050030 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[880] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000F0120 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[880] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000F006C .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[880] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000F00E4 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[880] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000F0030 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[880] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000F00A8 .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[936] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[936] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[936] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 003F0120 .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[936] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 003F006C .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[936] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 003F00E4 .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[936] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 003F0030 .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[936] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 003F00A8 .text C:\Windows\System32\svchost.exe[940] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\System32\svchost.exe[940] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\System32\svchost.exe[940] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 001F0120 .text C:\Windows\System32\svchost.exe[940] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 001F006C .text C:\Windows\System32\svchost.exe[940] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001F00E4 .text C:\Windows\System32\svchost.exe[940] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 001F0030 .text C:\Windows\System32\svchost.exe[940] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001F00A8 .text C:\Windows\system32\svchost.exe[984] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\svchost.exe[984] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\svchost.exe[984] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00BC0120 .text C:\Windows\system32\svchost.exe[984] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 00BC006C .text C:\Windows\system32\svchost.exe[984] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 00BC00E4 .text C:\Windows\system32\svchost.exe[984] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00BC0030 .text C:\Windows\system32\svchost.exe[984] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 00BC00A8 .text C:\Windows\system32\svchost.exe[1108] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\svchost.exe[1108] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\svchost.exe[1108] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00630120 .text C:\Windows\system32\svchost.exe[1108] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0063006C .text C:\Windows\system32\svchost.exe[1108] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 006300E4 .text C:\Windows\system32\svchost.exe[1108] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00630030 .text C:\Windows\system32\svchost.exe[1108] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 006300A8 .text C:\Windows\system32\svchost.exe[1216] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\svchost.exe[1216] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\svchost.exe[1216] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00620120 .text C:\Windows\system32\svchost.exe[1216] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0062006C .text C:\Windows\system32\svchost.exe[1216] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 006200E4 .text C:\Windows\system32\svchost.exe[1216] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00620030 .text C:\Windows\system32\svchost.exe[1216] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 006200A8 .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1308] kernel32.dll!SetUnhandledExceptionFilter 75DA3162 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Windows\System32\spoolsv.exe[1612] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\System32\spoolsv.exe[1612] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\System32\spoolsv.exe[1612] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00140120 .text C:\Windows\System32\spoolsv.exe[1612] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0014006C .text C:\Windows\System32\spoolsv.exe[1612] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001400E4 .text C:\Windows\System32\spoolsv.exe[1612] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00140030 .text C:\Windows\System32\spoolsv.exe[1612] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001400A8 .text C:\Windows\system32\svchost.exe[1640] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\svchost.exe[1640] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\svchost.exe[1640] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00140120 .text C:\Windows\system32\svchost.exe[1640] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0014006C .text C:\Windows\system32\svchost.exe[1640] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001400E4 .text C:\Windows\system32\svchost.exe[1640] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00140030 .text C:\Windows\system32\svchost.exe[1640] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001400A8 .text C:\Program Files\Application Updater\ApplicationUpdater.exe[1728] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0007006C .text C:\Program Files\Application Updater\ApplicationUpdater.exe[1728] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00070030 .text C:\Program Files\Application Updater\ApplicationUpdater.exe[1728] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00100120 .text C:\Program Files\Application Updater\ApplicationUpdater.exe[1728] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0010006C .text C:\Program Files\Application Updater\ApplicationUpdater.exe[1728] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001000E4 .text C:\Program Files\Application Updater\ApplicationUpdater.exe[1728] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00100030 .text C:\Program Files\Application Updater\ApplicationUpdater.exe[1728] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001000A8 .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[1764] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[1764] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[1764] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00250120 .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[1764] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0025006C .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[1764] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002500E4 .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[1764] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00250030 .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[1764] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002500A8 .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1816] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 000A006C .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1816] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 000A0030 .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1816] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000D0120 .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1816] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000D006C .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1816] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000D00E4 .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1816] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000D0030 .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1816] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000D00A8 .text C:\Windows\system32\svchost.exe[1940] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\svchost.exe[1940] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\SearchIndexer.exe[2312] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\SearchIndexer.exe[2312] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\SearchIndexer.exe[2312] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000E0120 .text C:\Windows\system32\SearchIndexer.exe[2312] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000E006C .text C:\Windows\system32\SearchIndexer.exe[2312] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000E00E4 .text C:\Windows\system32\SearchIndexer.exe[2312] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000E0030 .text C:\Windows\system32\SearchIndexer.exe[2312] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000E00A8 .text C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe[2352] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe[2352] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe[2352] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00360120 .text C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe[2352] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0036006C .text C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe[2352] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 003600E4 .text C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe[2352] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00360030 .text C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe[2352] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 003600A8 .text C:\Program Files\Internet Explorer\iexplore.exe[2456] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0005006C .text C:\Program Files\Internet Explorer\iexplore.exe[2456] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00050030 .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000F0120 .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000F006C .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!CreateWindowExW 75C90E51 5 Bytes JMP 6AF2818F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000F00E4 .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000F0030 .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxIndirectParamW 75CB4AA7 5 Bytes JMP 6B04FE68 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxParamW 75CB564A 5 Bytes JMP 6AE44BA7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000F00A8 .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxParamA 75CCCF6A 5 Bytes JMP 6B04FE05 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxIndirectParamA 75CCD29C 5 Bytes JMP 6B04FECB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxIndirectA 75CDE8C9 5 Bytes JMP 6B04FD9A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxIndirectW 75CDE9C3 5 Bytes JMP 6B04FD2F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxExA 75CDEA29 5 Bytes JMP 6B04FCCD C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxExW 75CDEA4D 5 Bytes JMP 6B04FC6B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2536] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0017006C .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2536] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00170030 .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2536] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00200120 .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2536] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0020006C .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2536] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002000E4 .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2536] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00200030 .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2536] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002000A8 .text C:\Windows\system32\taskhost.exe[2580] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0005006C .text C:\Windows\system32\taskhost.exe[2580] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00050030 .text C:\Windows\system32\taskhost.exe[2580] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000F0120 .text C:\Windows\system32\taskhost.exe[2580] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000F006C .text C:\Windows\system32\taskhost.exe[2580] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000F00E4 .text C:\Windows\system32\taskhost.exe[2580] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000F0030 .text C:\Windows\system32\taskhost.exe[2580] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000F00A8 .text C:\Windows\System32\svchost.exe[2604] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\System32\svchost.exe[2604] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\System32\svchost.exe[2604] user32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00300120 .text C:\Windows\System32\svchost.exe[2604] user32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0030006C .text C:\Windows\System32\svchost.exe[2604] user32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 003000E4 .text C:\Windows\System32\svchost.exe[2604] user32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00300030 .text C:\Windows\System32\svchost.exe[2604] user32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 003000A8 .text C:\Windows\system32\Dwm.exe[2668] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\Dwm.exe[2668] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\Dwm.exe[2668] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000F0120 .text C:\Windows\system32\Dwm.exe[2668] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000F006C .text C:\Windows\system32\Dwm.exe[2668] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000F00E4 .text C:\Windows\system32\Dwm.exe[2668] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000F0030 .text C:\Windows\system32\Dwm.exe[2668] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000F00A8 .text C:\Windows\Explorer.EXE[2792] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\Explorer.EXE[2792] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\Explorer.EXE[2792] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00110120 .text C:\Windows\Explorer.EXE[2792] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0011006C .text C:\Windows\Explorer.EXE[2792] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001100E4 .text C:\Windows\Explorer.EXE[2792] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00110030 .text C:\Windows\Explorer.EXE[2792] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001100A8 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2804] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0005006C .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2804] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00050030 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2804] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000C0120 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2804] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000C006C .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2804] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000C00E4 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2804] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000C0030 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2804] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000C00A8 .text C:\Windows\system32\svchost.exe[2932] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\system32\svchost.exe[2932] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\system32\svchost.exe[2932] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 006D0120 .text C:\Windows\system32\svchost.exe[2932] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 006D006C .text C:\Windows\system32\svchost.exe[2932] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 006D00E4 .text C:\Windows\system32\svchost.exe[2932] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 006D0030 .text C:\Windows\system32\svchost.exe[2932] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 006D00A8 .text C:\Program Files\Software Informer\softinfo.exe[2940] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\Software Informer\softinfo.exe[2940] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\Software Informer\softinfo.exe[2940] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00360120 .text C:\Program Files\Software Informer\softinfo.exe[2940] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0036006C .text C:\Program Files\Software Informer\softinfo.exe[2940] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 003600E4 .text C:\Program Files\Software Informer\softinfo.exe[2940] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00360030 .text C:\Program Files\Software Informer\softinfo.exe[2940] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 003600A8 .text C:\Program Files\Windows Sidebar\sidebar.exe[3028] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Program Files\Windows Sidebar\sidebar.exe[3028] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Program Files\Windows Sidebar\sidebar.exe[3028] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00110120 .text C:\Program Files\Windows Sidebar\sidebar.exe[3028] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0011006C .text C:\Program Files\Windows Sidebar\sidebar.exe[3028] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001100E4 .text C:\Program Files\Windows Sidebar\sidebar.exe[3028] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00110030 .text C:\Program Files\Windows Sidebar\sidebar.exe[3028] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001100A8 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3220] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3220] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3220] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00220120 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3220] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0022006C .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3220] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002200E4 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3220] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00220030 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3220] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002200A8 .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[3228] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[3228] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[3228] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00870120 .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[3228] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0087006C .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[3228] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 008700E4 .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[3228] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00870030 .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[3228] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 008700A8 .text C:\Windows\System32\igfxtray.exe[3272] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Windows\System32\igfxtray.exe[3272] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Windows\System32\igfxtray.exe[3272] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00200120 .text C:\Windows\System32\igfxtray.exe[3272] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0020006C .text C:\Windows\System32\igfxtray.exe[3272] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002000E4 .text C:\Windows\System32\igfxtray.exe[3272] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00200030 .text C:\Windows\System32\igfxtray.exe[3272] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002000A8 .text C:\Windows\System32\hkcmd.exe[3284] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Windows\System32\hkcmd.exe[3284] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Windows\System32\hkcmd.exe[3284] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00200120 .text C:\Windows\System32\hkcmd.exe[3284] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0020006C .text C:\Windows\System32\hkcmd.exe[3284] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002000E4 .text C:\Windows\System32\hkcmd.exe[3284] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00200030 .text C:\Windows\System32\hkcmd.exe[3284] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002000A8 .text C:\Windows\System32\igfxpers.exe[3296] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Windows\System32\igfxpers.exe[3296] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Windows\System32\igfxpers.exe[3296] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00210120 .text C:\Windows\System32\igfxpers.exe[3296] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0021006C .text C:\Windows\System32\igfxpers.exe[3296] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002100E4 .text C:\Windows\System32\igfxpers.exe[3296] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00210030 .text C:\Windows\System32\igfxpers.exe[3296] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002100A8 .text C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe[3304] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe[3304] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe[3304] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 000F0120 .text C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe[3304] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 000F006C .text C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe[3304] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000F00E4 .text C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe[3304] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 000F0030 .text C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe[3304] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000F00A8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3468] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0017006C .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3468] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00170030 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3468] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00210120 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3468] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0021006C .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3468] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002100E4 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3468] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00210030 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3468] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002100A8 .text C:\Program Files\HP\HP Software Update\hpwuschd2.exe[3512] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\HP\HP Software Update\hpwuschd2.exe[3512] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\HP\HP Software Update\hpwuschd2.exe[3512] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 001F0120 .text C:\Program Files\HP\HP Software Update\hpwuschd2.exe[3512] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 001F006C .text C:\Program Files\HP\HP Software Update\hpwuschd2.exe[3512] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001F00E4 .text C:\Program Files\HP\HP Software Update\hpwuschd2.exe[3512] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 001F0030 .text C:\Program Files\HP\HP Software Update\hpwuschd2.exe[3512] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001F00A8 .text C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe[3608] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe[3608] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe[3608] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00090120 .text C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe[3608] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0009006C .text C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe[3608] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 000900E4 .text C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe[3608] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00090030 .text C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe[3608] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000900A8 .text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[3656] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[3656] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[3656] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00290120 .text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[3656] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0029006C .text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[3656] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002900E4 .text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[3656] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00290030 .text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[3656] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002900A8 .text C:\Program Files\ipla\ipla.exe[3680] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Program Files\ipla\ipla.exe[3680] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Program Files\ipla\ipla.exe[3680] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00410120 .text C:\Program Files\ipla\ipla.exe[3680] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0041006C .text C:\Program Files\ipla\ipla.exe[3680] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 004100E4 .text C:\Program Files\ipla\ipla.exe[3680] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00410030 .text C:\Program Files\ipla\ipla.exe[3680] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 004100A8 .text C:\Program Files\Internet Explorer\iexplore.exe[3872] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0005006C .text C:\Program Files\Internet Explorer\iexplore.exe[3872] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00050030 .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!CreateDialogParamW 75C89BFF 5 Bytes JMP 6AE7C570 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!EnableWindow 75C8A72E 5 Bytes JMP 6AE7C4EB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!GetAsyncKeyState 75C8C09A 5 Bytes JMP 6AE3D6E9 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 6AF383A2 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!CallNextHookEx 75C8CC8F 5 Bytes JMP 6AF19D8C C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0008006C .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!CreateWindowExW 75C90E51 5 Bytes JMP 6AF2818F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 6AED4643 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!GetKeyState 75C94FDA 5 Bytes JMP 6AE7D762 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00080030 .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!IsDialogMessageW 75C96F06 5 Bytes JMP 6AE44284 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!CreateDialogParamA 75CA3E79 5 Bytes JMP 6B050A5E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!IsDialogMessage 75CA407A 5 Bytes JMP 6B0502FF C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!CreateDialogIndirectParamA 75CA9110 5 Bytes JMP 6B050A95 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!CreateDialogIndirectParamW 75CB08AD 5 Bytes JMP 6B050ACC C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!DialogBoxIndirectParamW 75CB4AA7 5 Bytes JMP 6B04FE68 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!EndDialog 75CB555C 5 Bytes JMP 6AE45AE9 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!DialogBoxParamW 75CB564A 5 Bytes JMP 6AE44BA7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!SetKeyboardState 75CB6B52 5 Bytes JMP 6B050664 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 000800A8 .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!SendInput 75CB7055 5 Bytes JMP 6B051228 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!SetCursorPos 75CCC1D8 5 Bytes JMP 6B051280 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!DialogBoxParamA 75CCCF6A 5 Bytes JMP 6B04FE05 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!DialogBoxIndirectParamA 75CCD29C 5 Bytes JMP 6B04FECB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!MessageBoxIndirectA 75CDE8C9 5 Bytes JMP 6B04FD9A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!MessageBoxIndirectW 75CDE9C3 5 Bytes JMP 6B04FD2F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!MessageBoxExA 75CDEA29 5 Bytes JMP 6B04FCCD C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!MessageBoxExW 75CDEA4D 5 Bytes JMP 6B04FC6B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] USER32.dll!keybd_event 75CDEC9B 5 Bytes JMP 6B0515B3 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] SHELL32.dll!SHChangeNotification_Lock + 45BA 7609B440 4 Bytes [11, 36, 5E, 70] .text C:\Program Files\Internet Explorer\iexplore.exe[3872] SHELL32.dll!SHChangeNotification_Lock + 45C2 7609B448 8 Bytes [5F, 35, 5E, 70, D0, 73, 5D, ...] .text C:\Program Files\Internet Explorer\iexplore.exe[3872] ole32.dll!OleLoadFromStream 75AD5BF6 5 Bytes JMP 6B0501BB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3872] ole32.dll!CoCreateInstance 75B2590C 5 Bytes JMP 6AF28C7D C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3952] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3952] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3952] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00240120 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3952] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0024006C .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3952] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 002400E4 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3952] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00240030 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3952] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 002400A8 .text C:\Windows\system32\DllHost.exe[4592] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0005006C .text C:\Windows\system32\DllHost.exe[4592] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00050030 .text C:\Windows\system32\DllHost.exe[4592] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00120120 .text C:\Windows\system32\DllHost.exe[4592] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0012006C .text C:\Windows\system32\DllHost.exe[4592] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001200E4 .text C:\Windows\system32\DllHost.exe[4592] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 00120030 .text C:\Windows\system32\DllHost.exe[4592] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001200A8 .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0007006C .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00070030 .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 00550120 .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 0055006C .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] USER32.dll!SetWindowsHookExW 75C9210A 3 Bytes JMP 005500E4 .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] USER32.dll!SetWindowsHookExW + 4 75C9210E 1 Byte [8A] .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] USER32.dll!SetWinEventHook 75C9507E 3 Bytes JMP 00550030 .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] USER32.dll!SetWinEventHook + 4 75C95082 1 Byte [8A] .text C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe[4644] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 005500A8 .text C:\Program Files\AIMP2\AIMP2.exe[4816] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0016006C .text C:\Program Files\AIMP2\AIMP2.exe[4816] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00160030 .text C:\Program Files\AIMP2\AIMP2.exe[4816] user32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 001F0120 .text C:\Program Files\AIMP2\AIMP2.exe[4816] user32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 001F006C .text C:\Program Files\AIMP2\AIMP2.exe[4816] user32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001F00E4 .text C:\Program Files\AIMP2\AIMP2.exe[4816] user32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 001F0030 .text C:\Program Files\AIMP2\AIMP2.exe[4816] user32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001F00A8 .text C:\Program Files\Internet Explorer\iexplore.exe[5348] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0005006C .text C:\Program Files\Internet Explorer\iexplore.exe[5348] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00050030 .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!CreateDialogParamW 75C89BFF 5 Bytes JMP 6AE7C570 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!EnableWindow 75C8A72E 5 Bytes JMP 6AE7C4EB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!GetAsyncKeyState 75C8C09A 5 Bytes JMP 6AE3D6E9 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 6AF383A2 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!CallNextHookEx 75C8CC8F 5 Bytes JMP 6AF19D8C C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 001F006C .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!CreateWindowExW 75C90E51 5 Bytes JMP 6AF2818F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 6AED4643 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!GetKeyState 75C94FDA 5 Bytes JMP 6AE7D762 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 001F0030 .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!IsDialogMessageW 75C96F06 5 Bytes JMP 6AE44284 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!CreateDialogParamA 75CA3E79 5 Bytes JMP 6B050A5E C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!IsDialogMessage 75CA407A 5 Bytes JMP 6B0502FF C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!CreateDialogIndirectParamA 75CA9110 5 Bytes JMP 6B050A95 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!CreateDialogIndirectParamW 75CB08AD 5 Bytes JMP 6B050ACC C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!DialogBoxIndirectParamW 75CB4AA7 5 Bytes JMP 6B04FE68 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!EndDialog 75CB555C 5 Bytes JMP 6AE45AE9 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!DialogBoxParamW 75CB564A 5 Bytes JMP 6AE44BA7 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!SetKeyboardState 75CB6B52 5 Bytes JMP 6B050664 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001F00A8 .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!SendInput 75CB7055 5 Bytes JMP 6B051228 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!SetCursorPos 75CCC1D8 5 Bytes JMP 6B051280 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!DialogBoxParamA 75CCCF6A 5 Bytes JMP 6B04FE05 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!DialogBoxIndirectParamA 75CCD29C 5 Bytes JMP 6B04FECB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!MessageBoxIndirectA 75CDE8C9 5 Bytes JMP 6B04FD9A C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!MessageBoxIndirectW 75CDE9C3 5 Bytes JMP 6B04FD2F C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!MessageBoxExA 75CDEA29 5 Bytes JMP 6B04FCCD C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!MessageBoxExW 75CDEA4D 5 Bytes JMP 6B04FC6B C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] USER32.dll!keybd_event 75CDEC9B 5 Bytes JMP 6B0515B3 C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] SHELL32.dll!SHChangeNotification_Lock + 45BA 7609B440 4 Bytes [11, 36, 5E, 70] .text C:\Program Files\Internet Explorer\iexplore.exe[5348] SHELL32.dll!SHChangeNotification_Lock + 45C2 7609B448 8 Bytes [5F, 35, 5E, 70, D0, 73, 5D, ...] .text C:\Program Files\Internet Explorer\iexplore.exe[5348] ole32.dll!OleLoadFromStream 75AD5BF6 5 Bytes JMP 6B0501BB C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5348] ole32.dll!CoCreateInstance 75B2590C 5 Bytes JMP 6AF28C7D C:\Windows\system32\IEFRAME.dll (Przeglądarka internetowa/Microsoft Corporation) .text C:\Windows\System32\svchost.exe[5760] ntdll.dll!LdrUnloadDll 773BBEAF 5 Bytes JMP 0006006C .text C:\Windows\System32\svchost.exe[5760] ntdll.dll!LdrLoadDll 773BF5B5 5 Bytes JMP 00060030 .text C:\Windows\System32\svchost.exe[5760] USER32.dll!UnhookWindowsHookEx 75C8CC7B 5 Bytes JMP 001F0120 .text C:\Windows\System32\svchost.exe[5760] USER32.dll!UnhookWinEvent 75C8D924 5 Bytes JMP 001F006C .text C:\Windows\System32\svchost.exe[5760] USER32.dll!SetWindowsHookExW 75C9210A 5 Bytes JMP 001F00E4 .text C:\Windows\System32\svchost.exe[5760] USER32.dll!SetWinEventHook 75C9507E 5 Bytes JMP 001F0030 .text C:\Windows\System32\svchost.exe[5760] USER32.dll!SetWindowsHookExA 75CB6DFA 5 Bytes JMP 001F00A8 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [71632494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [71615624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [716156E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7163250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [71628573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [71624D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [716250CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [716251A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [716266D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [716282CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [71628819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7162907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7162E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2792] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [71624C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [705D3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [705D1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [705CC028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [705D3B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [705D595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [705D47A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [705D4EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [705D1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [705CF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [705D06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [705CFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [705D1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [705D0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [705D0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [705D3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [705D06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [705D0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [705D2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [705CF1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [705CF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [705CFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [705D1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [705D4EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [705D47A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [705CDF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [705D06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [705D3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [705CDCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [705CDE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [705D0571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [705D1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [705CDBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [705D41F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [705D595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [705D4735] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [705D4B56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [705D823A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [705D89C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [705D8584] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [705D7E55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [705D8CD4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [705D90D9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [705D7C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [705D8D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [705D7F8E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [705D794A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [705D7D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [705D8898] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [705D86C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [705D8760] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [705D7EF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [705D9B99] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [705D958E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [705D99D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [705D8026] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [705D7F42] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [705D7AE4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [705D97FC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [705D7BD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [705D9C52] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [705D98B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [705D77ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [705D96FD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [705D81EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [705D80BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [705D8286] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [705D8D75] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [705D7DBA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [705D8F70] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [705D892C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [705D9A2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [705D92E3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [705D9E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [705D8E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [705D7B33] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [705D9029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [705D789A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [705D83BC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [705D861C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [705D8A5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [705D8454] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [705D84EC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [705D9974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [705D8EBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [705CD9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [705D0F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [705D1904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [705D141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [705D09C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [705CFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [705CF834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [705CF084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [705D27FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [705CF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [705CEB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [705CE563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [705D2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [705D27DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [705CE901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [705D0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [705CEE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [705D9974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [705D9916] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [705D8A0C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [705D8D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [705D8E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [705D7D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [705D8FCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [705D9E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [705D9029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [705D9E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [705D7C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3872] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [705D3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [705D1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [705CC028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [705D3B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [705D595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [705D47A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [705D4EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [705D1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [705CF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [705D06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [705CFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [705D1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [705D0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [705D0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [705D3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [705D06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [705D0CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [705D2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [705CF1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [705CF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [705CFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [705D1ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [705D4EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [705D47A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [705CDF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [705D06BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [705D3932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [705CDCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [705CDE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [705D0571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [705D1D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [705CDBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [705D41F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [705D595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [705D4735] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [705D4B56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [705D823A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [705D89C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [705D8584] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [705D7E55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [705D8CD4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [705D90D9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [705D7C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [705D8D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [705D7F8E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [705D794A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [705D7D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [705D8898] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [705D86C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [705D8760] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [705D7EF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [705D9B99] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [705D958E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [705D99D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [705D8026] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [705D7F42] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [705D7AE4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [705D97FC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [705D7BD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [705D9C52] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [705D98B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [705D77ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [705D96FD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [705D81EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [705D80BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [705D8286] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [705D8D75] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [705D7DBA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [705D8F70] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [705D892C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [705D9A2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [705D92E3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [705D9E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [705D8E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [705D7B33] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [705D9029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [705D789A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [705D83BC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [705D861C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [705D8A5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [705D8454] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [705D84EC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [705D9974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [705D8EBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [705CD9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [705D0F2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [705D1904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [705D141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [705D09C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [705CFAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [705CF834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [705CF084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [705D27FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [705CF312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [705CEB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [705CE563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [705D2ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [705D27DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [705CE901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [705D0043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [705CEE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [705D1BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [705D1A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [705D9974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [705D9916] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [705D8A0C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [705D8D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [705D8E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [705D7D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [705D8FCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [705D9E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [705D9029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [705D9E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [705D7C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[5348] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [705C9F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \Driver\ACPI_HAL \Device\00000048 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) ---- Processes - GMER 1.0.15 ---- Library C:\Program (*** hidden *** ) @ C:\Program [300] 0x01130000 Library C:\Program (*** hidden *** ) @ C:\Program [300] 0x60E40000 Library C:\Program (*** hidden *** ) @ C:\Program [300] 0x61A10000 Library C:\Program (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [3872] 0x62500000 Library C:\Program (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [3872] 0x60E40000 Library C:\Program (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [3872] 0x61A10000 Library C:\Program (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [3872] 0x07270000 ---- Files - GMER 1.0.15 ---- File C:\## aswSnx private storage 0 bytes File C:\## aswSnx private storage\r10 0 bytes File C:\## aswSnx private storage\snx_rhive 262144 bytes File C:\## aswSnx private storage\snx_rhive.LOG1 25600 bytes File C:\## aswSnx private storage\snx_rhive.LOG2 0 bytes File C:\## aswSnx private storage\snx_rhive{d4d195d7-5518-11e0-af8f-001e33f1f8da}.TM.blf 65536 bytes File C:\## aswSnx private storage\snx_rhive{d4d195d7-5518-11e0-af8f-001e33f1f8da}.TMContainer00000000000000000001.regtrans-ms 524288 bytes File C:\## aswSnx private storage\snx_rhive{d4d195d7-5518-11e0-af8f-001e33f1f8da}.TMContainer00000000000000000002.regtrans-ms 524288 bytes File C:\## aswSnx private storage\webStorage 0 bytes File C:\## aswSnx private storage\webStorage\attrib 0 bytes File C:\## aswSnx private storage\webStorage\image 0 bytes File C:\## aswSnx private storage\webStorage\image\Windows 0 bytes File C:\## aswSnx private storage\webStorage\image\Windows\Prefetch 0 bytes File C:\## aswSnx private storage\webStorage\image\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf 17424 bytes File C:\## aswSnx private storage\webStorage\snx_fs.dat 474 bytes ---- EOF - GMER 1.0.15 ----