Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google Redirect

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Google Redirect

Unread postby atlmsl » August 25th, 2011, 6:20 pm

When I search for something in google everytime I click on a link it redirects me to a different website. This started about a week ago and no malware removal program I have tried has been able to clear the issue. Here are the logs:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088
Run by Emily at 18:09:15 on 2011-08-25
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2814.1578 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\TEMP\iexplore.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [OE] c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [OE] c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe
dRun: [Qnube] rundll32.exe "c:\windows\system32\config\systemprofile\appdata\local\S0dshlg.dll",Startup
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A77A7995-D37A-4362-B7B7-C0175079F888} : DhcpNameServer = 192.168.20.10 192.168.10.13
TCP: Interfaces\{F936993B-E4CD-4E81-B03D-8677EFA20460} : DhcpNameServer = 192.168.1.254
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 80.79.117.219 www.google.com
Hosts: 80.79.117.220 search.yahoo.com
Hosts: 80.79.117.220 www.bing.com
.
============= SERVICES / DRIVERS ===============
.
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\drivers\tmlwf.sys [2008-7-30 145424]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2008-7-30 50256]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2010-10-15 36432]
R2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\drivers\tmwfp.sys [2008-7-30 256528]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-5-3 42528]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;"c:\program files\emsisoft anti-malware\a2service.exe" --> c:\program files\emsisoft anti-malware\a2service.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-22 136176]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\blservice.exe --> c:\windows\sminst\BLService.exe [?]
S2 TmPfw;Trend Micro Personal Firewall;"c:\program files\trend micro\internet security\tmpfw.exe" --> c:\program files\trend micro\internet security\TmPfw.exe [?]
S2 TmProxy;Trend Micro Proxy Service;"c:\program files\trend micro\internet security\tmproxy.exe" --> c:\program files\trend micro\internet security\TmProxy.exe [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\viewpointservice.exe" --> c:\program files\viewpoint\common\ViewpointService.exe [?]
S3 Com4QLBEx;Com4QLBEx;"c:\program files\hewlett-packard\hp quick launch buttons\com4qlbex.exe" --> c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-22 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-08-25 22:05:14 388096 ----a-r- c:\users\emily\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-08-25 21:38:29 -------- d-----w- c:\users\emily\appdata\roaming\EurekaLog
2011-08-25 16:19:29 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2011-08-25 15:39:55 -------- d-----w- c:\users\emily\appdata\roaming\Malwarebytes
2011-08-25 15:39:16 -------- d-----w- c:\programdata\Malwarebytes
2011-08-25 15:39:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-25 01:17:14 -------- d-----w- c:\users\emily\appdata\local\WindowsUpdate
2011-08-24 07:18:07 7152464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7cc75c1f-4821-415b-890f-fb7e1adfb159}\mpengine.dll
2011-08-23 03:20:19 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-08-23 03:12:02 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-08-23 02:39:16 -------- d-----w- c:\windows\system32\eu-ES
2011-08-23 02:39:16 -------- d-----w- c:\windows\system32\ca-ES
2011-08-23 02:39:15 -------- d-----w- c:\windows\system32\vi-VN
2011-08-23 02:11:12 -------- d-----w- c:\windows\system32\EventProviders
2011-08-23 00:38:46 -------- d-----w- c:\users\emily\appdata\local\Google
2011-08-16 00:35:41 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-08-16 00:28:26 64512 ----a-w- c:\windows\system32\drivers\SETCDA9.tmp
2011-08-16 00:27:43 -------- d-----w- c:\program files\Lavasoft
2011-08-14 23:58:57 877568 ----a-w- c:\programdata\863E.tmp
2011-08-14 23:58:57 854528 ----a-w- c:\programdata\9EED.tmp
2011-08-09 22:38:12 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
==================== Find3M ====================
.
2011-08-25 20:51:10 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-06-02 13:34:49 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8688F4C0]<<
_asm { MOV EAX, [ESP+0x4]; MOV ECX, [0x868968a4]; PUSH ESI; MOV ESI, [ESP+0xc]; PUSH EDI; MOV EDI, [ESI+0x60]; CMP EAX, [0x86896730]; JNZ 0x1f; MOV [ESP+0xc], ECX; }
1 ntkrnlpa!IofCallDriver[0x81E63912] -> \Device\Harddisk0\DR0[0x85B7A688]
3 CLASSPNP[0x807A28B3] -> ntkrnlpa!IofCallDriver[0x81E63912] -> [0x8598B918]
5 acpi[0x806106BC] -> ntkrnlpa!IofCallDriver[0x81E63912] -> [0x8596B5E0]
\Driver\atapi[0x8683CC10] -> IRP_MJ_CREATE -> 0x8688F4C0
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x72; }
user != kernel MBR !!!
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.
.
============= FINISH: 18:10:20.19 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/30/2008 10:44:01 AM
System Uptime: 8/25/2011 5:52:51 PM (1 hours ago)
.
Motherboard: Wistron | | 360A
Processor: AMD Turion Dual-Core RM-70 | Socket A | 1000/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 176 GiB total, 144.603 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 1.743 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.3
Adobe Shockwave Player
AIM 6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
Bonjour
Cards_Calendar_OrderGift_DoMorePlugout
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HD Audio
CyberLink DVD Suite
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP DVD Play 3.7
HP Help and Support
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.40 D3
HP Smart Web Printing
HP Total Care Advisor
HP Update
HP User Guides 0110
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPTCSSetup
iTunes
Java(TM) 6 Update 17
Java(TM) 6 Update 5
LabelPrint
LightScribe System Software 1.12.33.2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
NetWaiting
NVIDIA Drivers
Power2Go
PowerDirector
PSSWCORE
PVSonyDll
QuickPlay SlingPlayer 0.4.6
QuickTime
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Spelling Dictionaries Support For Adobe Reader 8
Synaptics Pointing Device Driver
Trend Micro Internet Security
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Office 2007 (KB934528)
VideoToolkit01
Viewpoint Media Player
.
==== Event Viewer Messages From Past Week ========
.
8/25/2011 5:57:08 PM, Error: Service Control Manager [7000] - The hpqwmiex service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:56:05 PM, Error: Service Control Manager [7000] - The Emsisoft Anti-Malware 5.1 - Service service failed to start due to the following error: Access is denied.
8/25/2011 5:55:35 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The XAudioService service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Viewpoint Manager Service service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Trend Micro Unauthorized Change Prevention Service service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Trend Micro Proxy Service service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Trend Micro Personal Firewall service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Trend Micro Central Control Component service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Recovery Service for Windows service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The NVIDIA Display Driver Service service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Machine Debug Manager service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Cyberlink RichVideo Service(CRVS) service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Com4QLBEx service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:54:56 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The system cannot find the file specified.
8/25/2011 5:53:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
8/25/2011 5:53:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service Com4QLBEx with arguments "" in order to run the server: {DB536E5D-10F7-4B34-B443-140161048E2E}
8/25/2011 5:53:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service SfCtlCom with arguments "" in order to run the server: {1A65BAB7-30B1-4FB7-BC13-D00C28FCF605}
8/25/2011 5:53:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
8/25/2011 12:59:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx tmlwf tmtdi Wanarpv6
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The Trend Micro Proxy Service service depends on the Trend Micro TDI Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The Trend Micro Personal Firewall service depends on the Trend Micro NDIS 6.0 Filter Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/25/2011 12:59:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/25/2011 12:59:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/25/2011 12:58:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
8/25/2011 12:58:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
8/25/2011 12:58:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/25/2011 12:58:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
8/25/2011 12:58:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/25/2011 12:58:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/25/2011 12:40:11 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
8/25/2011 12:37:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/25/2011 12:35:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect.
8/25/2011 12:35:51 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2011 12:34:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
8/25/2011 12:34:24 PM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2011 12:34:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
8/25/2011 12:33:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/25/2011 12:33:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bonjour Service service to connect.
8/25/2011 12:33:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
8/25/2011 12:33:56 PM, Error: Service Control Manager [7000] - The Trend Micro Personal Firewall service failed to start due to the following error: Trend Micro Personal Firewall is not a valid Win32 application.
8/25/2011 12:33:56 PM, Error: Service Control Manager [7000] - The Trend Micro Central Control Component service failed to start due to the following error: Trend Micro Central Control Component is not a valid Win32 application.
8/25/2011 12:33:56 PM, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2011 12:33:56 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2011 12:33:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "193" attempting to start the service SfCtlCom with arguments "" in order to run the server: {1A65BAB7-30B1-4FB7-BC13-D00C28FCF605}
8/25/2011 12:28:46 PM, Error: Service Control Manager [7031] - The Emsisoft Anti-Malware 5.1 - Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
8/24/2011 9:46:59 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
8/24/2011 9:21:22 PM, Error: EventLog [6008] - The previous system shutdown at 9:18:35 PM on 8/24/2011 was unexpected.
8/24/2011 9:15:02 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 17 time(s).
8/24/2011 8:52:04 PM, Error: Service Control Manager [7034] - The Trend Micro Personal Firewall service terminated unexpectedly. It has done this 1 time(s).
8/24/2011 8:41:56 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 16 time(s).
8/24/2011 8:28:17 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 12 time(s).
8/24/2011 8:27:55 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 11 time(s).
8/24/2011 8:21:23 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 10 time(s).
8/24/2011 8:02:10 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 9 time(s).
8/24/2011 7:52:01 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 8 time(s).
8/24/2011 7:51:22 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 7 time(s).
8/24/2011 7:36:42 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 6 time(s).
8/24/2011 7:33:03 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 5 time(s).
8/24/2011 7:32:48 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 15 time(s).
8/24/2011 7:30:48 AM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 4 time(s).
8/24/2011 6:00:37 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 14 time(s).
8/24/2011 5:41:09 AM, Error: EventLog [6008] - The previous system shutdown at 5:39:11 AM on 8/24/2011 was unexpected.
8/24/2011 5:40:28 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 13 time(s).
8/24/2011 11:12:56 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Remote Access Connection Manager service, but this action failed with the following error: An instance of the service is already running.
8/22/2011 11:42:57 PM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
8/22/2011 11:37:28 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
8/22/2011 11:24:37 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running.
8/22/2011 11:21:37 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running.
.
==== End Of File ===========================
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm
Advertisement
Register to Remove

Re: Google Redirect

Unread postby deltalima » August 29th, 2011, 1:01 pm

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google Redirect

Unread postby deltalima » August 29th, 2011, 1:08 pm

Hi atlmsl,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select: Run as Administrator.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Right click the .exe file and select: Run as Administrator. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan..

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google Redirect

Unread postby atlmsl » August 30th, 2011, 6:29 pm

OTL logfile created on: 8/30/2011 4:14:01 PM - Run 1
OTL by OldTimer - Version 3.2.26.7 Folder = C:\Users\Emily\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 41.29% Memory free
5.72 Gb Paging File | 4.05 Gb Available in Paging File | 70.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.49 Gb Total Space | 142.70 Gb Free Space | 80.86% Space Free | Partition Type: NTFS
Drive D: | 9.82 Gb Total Space | 1.74 Gb Free Space | 17.75% Space Free | Partition Type: NTFS
Drive E: | 434.18 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: EMILY-PC | User Name: Emily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Emily\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
PRC - C:\Windows\System32\wermgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - c:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEHook.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()


========== Win32 Services (SafeList) ==========

SRV - (XAudioService) -- File not found
SRV - (Viewpoint Manager Service) -- File not found
SRV - (TmProxy) -- File not found
SRV - (TmPfw) -- File not found
SRV - (TMBMServer) -- File not found
SRV - (SfCtlCom) -- File not found
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- File not found
SRV - (Recovery Service for Windows) -- File not found
SRV - (nvsvc) -- File not found
SRV - (MDM) -- File not found
SRV - (LightScribeService) -- File not found
SRV - (iPod Service) -- File not found
SRV - (hpqwmiex) -- File not found
SRV - (HP Health Check Service) -- File not found
SRV - (Com4QLBEx) -- File not found
SRV - (Bonjour Service) -- File not found
SRV - (Apple Mobile Device) -- File not found
SRV - (a2AntiMalware) -- File not found
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (tmxpflt) -- C:\Windows\System32\drivers\tmxpflt.sys (Trend Micro Inc.)
DRV - (tmpreflt) -- C:\Windows\System32\drivers\tmpreflt.sys (Trend Micro Inc.)
DRV - (vsapint) -- C:\Windows\System32\drivers\vsapint.sys (Trend Micro Inc.)
DRV - (tmactmon) -- C:\Windows\System32\drivers\tmactmon.sys (Trend Micro Inc.)
DRV - (tmevtmgr) -- C:\Windows\System32\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV - (tmcomm) -- C:\Windows\System32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (tmtdi) -- C:\Windows\System32\drivers\tmtdi.sys (Trend Micro Inc.)
DRV - (tmwfp) -- C:\Windows\System32\drivers\tmwfp.sys (Trend Micro Inc.)
DRV - (tmlwf) -- C:\Windows\System32\drivers\tmlwf.sys (Trend Micro Inc.)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2620928732-3682118459-1693862386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKU\S-1-5-21-2620928732-3682118459-1693862386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2620928732-3682118459-1693862386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2620928732-3682118459-1693862386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2620928732-3682118459-1693862386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/06/25 02:50:52 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/08/22 10:44:29 | 000,000,888 | RH-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 80.79.117.220 search.yahoo.com
O1 - Hosts: 80.79.117.220 www.bing.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\.DEFAULT..\Run: [Qnube] C:\Windows\System32\config\systemprofile\AppData\Local\S0dshlg.dll (Agere Systems)
O4 - HKU\S-1-5-18..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-18..\Run: [Qnube] C:\Windows\System32\config\systemprofile\AppData\Local\S0dshlg.dll (Agere Systems)
O4 - HKU\S-1-5-19..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2620928732-3682118459-1693862386-1000..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2620928732-3682118459-1693862386-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.65.67 213.109.72.102
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\San Francisco.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\San Francisco.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/25 02:20:48 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/01/14 05:31:41 | 000,000,042 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{892a13c6-9037-11dd-ac17-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{892a13c6-9037-11dd-ac17-806e6f6e6963}\Shell\AutoRun\command - "" = E:\browsercall.exe start.html
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/30 16:10:50 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Emily\Desktop\OTL.exe
[2011/08/30 16:05:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/26 03:27:36 | 000,841,728 | ---- | C] (Heaventools Software) -- C:\ProgramData\defender.exe
[2011/08/25 18:08:56 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Emily\Desktop\dds.scr
[2011/08/25 18:05:14 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/08/25 17:38:29 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Roaming\EurekaLog
[2011/08/25 12:19:29 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2011/08/25 12:19:29 | 000,000,000 | ---D | C] -- C:\Users\Emily\Documents\Anti-Malware
[2011/08/25 11:39:55 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Roaming\Malwarebytes
[2011/08/25 11:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/25 11:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/24 21:17:14 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Local\WindowsUpdate
[2011/08/22 23:20:19 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/08/22 23:12:02 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/08/22 22:39:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/08/22 22:39:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/08/22 22:39:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/08/22 22:11:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/08/22 20:45:16 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Roaming\Google
[2011/08/22 20:38:46 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Local\Google
[2011/08/22 20:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/08/22 20:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/08/15 20:35:41 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/08/15 20:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/08/15 20:27:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/08/14 19:58:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/30 16:10:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Emily\Desktop\OTL.exe
[2011/08/30 15:57:29 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BBCC01AF-861E-4B22-A02D-8F618AE85B08}.job
[2011/08/30 15:57:03 | 000,841,728 | ---- | M] (Heaventools Software) -- C:\ProgramData\defender.exe
[2011/08/30 15:57:03 | 000,000,589 | ---- | M] () -- C:\Users\Public\Desktop\Security Protection.lnk
[2011/08/30 15:47:44 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/30 15:47:44 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/30 15:46:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/30 15:38:58 | 000,000,246 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011/08/30 15:38:42 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/30 15:38:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/30 15:38:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/30 15:38:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/26 03:12:27 | 000,000,916 | RH-- | M] () -- C:\Windows\System32\drivers\etc\hosts.87023FB57571AF3A
[2011/08/25 18:09:00 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Emily\Desktop\dds.scr
[2011/08/25 18:05:42 | 000,002,523 | ---- | M] () -- C:\Users\Emily\Desktop\HiJackThis.lnk
[2011/08/25 18:04:07 | 001,402,880 | ---- | M] () -- C:\Users\Emily\Desktop\HijackThis.msi
[2011/08/25 17:53:07 | 118,188,422 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/25 13:05:15 | 000,001,356 | ---- | M] () -- C:\Users\Emily\AppData\Local\d3d9caps.dat
[2011/08/25 12:33:40 | 000,048,639 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/08/25 12:33:40 | 000,048,639 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/08/25 12:33:09 | 000,000,000 | ---- | M] () -- C:\Windows\3203397148
[2011/08/22 22:42:43 | 000,391,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/22 10:44:29 | 000,000,888 | RH-- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/08/15 20:36:04 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/08/15 20:35:37 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/25 18:05:14 | 000,002,523 | ---- | C] () -- C:\Users\Emily\Desktop\HiJackThis.lnk
[2011/08/25 18:03:52 | 001,402,880 | ---- | C] () -- C:\Users\Emily\Desktop\HijackThis.msi
[2011/08/25 12:57:50 | 118,188,422 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/08/24 19:34:11 | 000,000,000 | ---- | C] () -- C:\Windows\3203397148
[2011/08/23 09:51:51 | 000,000,589 | ---- | C] () -- C:\Users\Public\Desktop\Security Protection.lnk
[2011/08/22 20:38:55 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/22 20:38:54 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/15 20:29:49 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/04/01 18:52:23 | 000,001,356 | ---- | C] () -- C:\Users\Emily\AppData\Local\d3d9caps.dat
[2010/12/10 17:09:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/12/10 17:09:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/12/03 00:26:04 | 000,003,584 | ---- | C] () -- C:\Users\Emily\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/01 17:46:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/10/01 17:37:17 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/30 11:21:09 | 000,048,639 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/07/30 11:20:41 | 000,048,639 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/07/30 10:50:08 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/06/25 02:36:20 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,391,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 05:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

< End of report >






OTL Extras logfile created on: 8/30/2011 4:14:01 PM - Run 1
OTL by OldTimer - Version 3.2.26.7 Folder = C:\Users\Emily\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 41.29% Memory free
5.72 Gb Paging File | 4.05 Gb Available in Paging File | 70.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.49 Gb Total Space | 142.70 Gb Free Space | 80.86% Space Free | Partition Type: NTFS
Drive D: | 9.82 Gb Total Space | 1.74 Gb Free Space | 17.75% Space Free | Partition Type: NTFS
Drive E: | 434.18 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: EMILY-PC | User Name: Emily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12B8D46A-9971-4611-A591-7254BD7DBD68}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1378A3D2-157A-46A2-8CE7-DCE7CC4062FF}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{2DF2CD0B-8A01-4D88-948E-21E65A3EEB92}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{78946C39-7433-4430-8B05-9EAF59BB895A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8053CB18-B3DE-4FCA-BEC2-2885F67B302B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{902C1511-41EA-4F94-8EAA-2178A9826391}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{921DF281-DC7D-4F62-80F2-6A5E9FE8F69F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{97A432DB-5612-448D-BF6D-2036BCA436B6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{ADA792BB-98B8-4036-8044-3B9513557D6A}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{B0C72387-179A-4CC3-A0F1-C2FBAE03795B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{D5E415DA-5345-429D-AA29-3B51F8B27BF6}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{EC362E6C-7B02-4F66-BCF2-292716499F09}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{33A846D1-E1E2-4C43-BBB6-C5B5891B0009}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{3A728F72-AEE7-4DF4-B7A1-5828132F2597}C:\program files\java\jre6\bin\jucheck.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\jucheck.exe |
"TCP Query User{5155C627-62FC-4E1E-A8A0-2512406775A8}C:\windows\system32\msfeedssync.exe" = protocol=6 | dir=in | app=c:\windows\system32\msfeedssync.exe |
"TCP Query User{94A51011-A056-4BCF-9C80-EB815AA4FFCC}C:\windows\system32\wermgr.exe" = protocol=6 | dir=in | app=c:\windows\system32\wermgr.exe |
"TCP Query User{AE7979AF-F431-4F1D-9D81-792A8B89754F}C:\windows\system32\wercon.exe" = protocol=6 | dir=in | app=c:\windows\system32\wercon.exe |
"TCP Query User{D5249B8A-B33F-42F8-897B-85CF0720890D}C:\windows\system32\wermgr.exe" = protocol=6 | dir=in | app=c:\windows\system32\wermgr.exe |
"TCP Query User{D59F40A1-7707-4D17-9D7C-A6F61CDB4187}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{D865E920-1920-4A6E-9198-9399C1611958}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{FC24ACF2-9063-4C75-8F22-E9E76E1785C0}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"UDP Query User{10369CA7-4793-4B36-9C25-08A1F06B5A63}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4CB39F20-E7A6-475C-8F39-4F0569EF629B}C:\windows\system32\wermgr.exe" = protocol=17 | dir=in | app=c:\windows\system32\wermgr.exe |
"UDP Query User{60880C17-4991-4855-9826-ADD2FD514CEF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{91930B5D-7109-44C6-887C-595821FBBDCB}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{B988C65F-5AEB-4EE5-BB01-9BF1FC154EB0}C:\windows\system32\wermgr.exe" = protocol=17 | dir=in | app=c:\windows\system32\wermgr.exe |
"UDP Query User{D304E775-B6AB-44D8-8F59-08FE58D0D0CC}C:\windows\system32\msfeedssync.exe" = protocol=17 | dir=in | app=c:\windows\system32\msfeedssync.exe |
"UDP Query User{D8FA5273-716C-4B75-97DF-CC6155613460}C:\program files\java\jre6\bin\jucheck.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\jucheck.exe |
"UDP Query User{DA2E338D-1AC5-40A0-AC9E-654EDF74F35D}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"UDP Query User{F053014F-A85E-4938-B0CE-DF6D58339665}C:\windows\system32\wercon.exe" = protocol=17 | dir=in | app=c:\windows\system32\wercon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{380357CA-29F4-4B3C-B401-32C057E6B59B}" = HP Smart Web Printing
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40E12A55-C504-4223-AFAC-7672DBF1ACDE}" = Trend Micro Internet Security
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8DF92D68-F8EE-4F9C-89A2-26254C1C4B6B}" = HP Help and Support
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B640E7CC-7091-4A24-AE76-2140065D2054}" = HP User Guides 0110
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIM_6" = AIM 6
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/30/2011 3:43:31 PM | Computer Name = Emily-PC | Source = SPP | ID = 16387
Description =

Error - 8/30/2011 3:43:31 PM | Computer Name = Emily-PC | Source = System Restore | ID = 8193
Description =

Error - 8/30/2011 3:44:34 PM | Computer Name = Emily-PC | Source = SPP | ID = 16387
Description =

Error - 8/30/2011 3:44:34 PM | Computer Name = Emily-PC | Source = System Restore | ID = 8193
Description =

Error - 8/30/2011 3:45:18 PM | Computer Name = Emily-PC | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 6.0.6002.18294, time stamp
0x4c6a9898, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0xfffefc85, process id 0xe10, application start time
0x01cc674d0f9ab9a0.

Error - 8/30/2011 3:53:55 PM | Computer Name = Emily-PC | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 6.0.6002.18294, time stamp
0x4c6a9898, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0xfffefc85, process id 0x1398, application start time
0x01cc674e8a63a880.

Error - 8/30/2011 3:54:26 PM | Computer Name = Emily-PC | Source = Application Error | ID = 1000
Description = Faulting application defender.exe, version 6.1.7600.16385, time stamp
0x4dc1cdd0, faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967,
exception code 0xc0000005, fault offset 0x000bfea5, process id 0x152c, application
start time 0x01cc674e9d4ce7e0.

Error - 8/30/2011 3:56:45 PM | Computer Name = Emily-PC | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 6.0.6002.18294, time stamp
0x4c6a9898, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0xfffefc85, process id 0x14a4, application start time
0x01cc674ef09f9820.

Error - 8/30/2011 4:13:02 PM | Computer Name = Emily-PC | Source = Windows Search Service | ID = 3006
Description =

Error - 8/30/2011 4:13:03 PM | Computer Name = Emily-PC | Source = Windows Search Service | ID = 3007
Description =

[ Media Center Events ]
Error - 3/25/2009 10:06:35 AM | Computer Name = Emily-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/18/2009 5:55:01 AM | Computer Name = Emily-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/17/2009 8:00:50 AM | Computer Name = Emily-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ OSession Events ]
Error - 1/18/2011 8:00:41 AM | Computer Name = Emily-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 632
seconds with 600 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8/30/2011 3:54:22 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 8/30/2011 3:57:03 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 8/30/2011 3:57:26 PM | Computer Name = Emily-PC | Source = DCOM | ID = 10005
Description =

Error - 8/30/2011 3:57:26 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/30/2011 3:57:26 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/30/2011 4:13:02 PM | Computer Name = Emily-PC | Source = DCOM | ID = 10005
Description =

Error - 8/30/2011 4:13:02 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8/30/2011 4:13:02 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/30/2011 4:20:40 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8/30/2011 4:20:40 PM | Computer Name = Emily-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm

Re: Google Redirect

Unread postby atlmsl » August 30th, 2011, 6:35 pm

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-30 18:09:44
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdePort3 ST9200827AS rev.3.BHA
Running: spxvbjp1.exe; Driver: C:\Users\Emily\AppData\Local\Temp\fgloapod.sys


---- System - GMER 1.0.15 ----

SSDT 8823A000 ZwCreateKey
SSDT 88239240 ZwCreateProcess
SSDT 88239500 ZwCreateProcessEx
SSDT 8823AE60 ZwCreateThread
SSDT 8823A580 ZwDeleteKey
SSDT 8823A840 ZwDeleteValueKey
SSDT 8823B1A0 ZwLoadDriver
SSDT 88239A80 ZwOpenProcess
SSDT 8823A2C0 ZwSetValueKey
SSDT 88239D40 ZwTerminateProcess
SSDT 8823ACC0 ZwWriteVirtualMemory
SSDT 8823B000 ZwCreateThreadEx
SSDT 882397C0 ZwCreateUserProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 1E9 81EEE96C 4 Bytes [00, A0, 23, 88]
.text ntkrnlpa.exe!KeSetEvent + 209 81EEE98C 8 Bytes [40, 92, 23, 88, 00, 95, 23, ...] {INC EAX; XCHG EDX, EAX; AND ECX, [EAX-0x77dc6b00]}
.text ntkrnlpa.exe!KeSetEvent + 221 81EEE9A4 4 Bytes [60, AE, 23, 88]
.text ntkrnlpa.exe!KeSetEvent + 2D5 81EEEA58 4 Bytes [80, A5, 23, 88]
.text ntkrnlpa.exe!KeSetEvent + 2E1 81EEEA64 4 Bytes [40, A8, 23, 88]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\svchost.exe[1040] USER32.dll!WindowFromPoint 77DD884F 5 Bytes JMP 0224000A
.text C:\Windows\system32\svchost.exe[1040] USER32.dll!GetForegroundWindow 77DE32C4 5 Bytes JMP 0225000A
.text C:\Windows\system32\svchost.exe[1040] USER32.dll!GetCursorPos 77DF0B88 5 Bytes JMP 0223000A
.text C:\Windows\system32\svchost.exe[1040] ole32.dll!CoCreateInstance 77A69F3E 5 Bytes JMP 0067000A
.text C:\Windows\system32\svchost.exe[1040] USER32.dll!WindowFromPoint 77DD884F 5 Bytes JMP 0224000A
.text C:\Windows\system32\svchost.exe[1040] USER32.dll!GetForegroundWindow 77DE32C4 5 Bytes JMP 0225000A
.text C:\Windows\system32\svchost.exe[1040] USER32.dll!GetCursorPos 77DF0B88 5 Bytes JMP 0223000A
.text C:\Windows\system32\svchost.exe[1040] ole32.dll!CoCreateInstance 77A69F3E 5 Bytes JMP 0067000A
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!CreateWindowExW 77DE1305 5 Bytes JMP 6E46DB04 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxParamW 77E010B0 5 Bytes JMP 6E3954C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxIndirectParamW 77E02EF5 5 Bytes JMP 6E565329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxParamA 77E18152 5 Bytes JMP 6E5652C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxIndirectParamA 77E1847D 5 Bytes JMP 6E56538C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxIndirectA 77E2D4D9 5 Bytes JMP 6E56525B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxIndirectW 77E2D5D3 5 Bytes JMP 6E5651F0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxExA 77E2D639 5 Bytes JMP 6E56518E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxExW 77E2D65D 5 Bytes JMP 6E56512C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!CreateWindowExW 77DE1305 5 Bytes JMP 6E46DB04 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxParamW 77E010B0 5 Bytes JMP 6E3954C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxIndirectParamW 77E02EF5 5 Bytes JMP 6E565329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxParamA 77E18152 5 Bytes JMP 6E5652C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!DialogBoxIndirectParamA 77E1847D 5 Bytes JMP 6E56538C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxIndirectA 77E2D4D9 5 Bytes JMP 6E56525B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxIndirectW 77E2D5D3 5 Bytes JMP 6E5651F0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxExA 77E2D639 5 Bytes JMP 6E56518E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1872] USER32.dll!MessageBoxExW 77E2D65D 5 Bytes JMP 6E56512C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogParamW 77DD72A2 5 Bytes JMP 6E46DE90 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!GetAsyncKeyState 77DD863C 5 Bytes JMP 6E388EFF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SetWindowsHookExW 77DD87AD 5 Bytes JMP 6E469A91 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CallNextHookEx 77DD8E3B 5 Bytes JMP 6E45D0CD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!UnhookWindowsHookEx 77DD98DB 5 Bytes JMP 6E3D466E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!EnableWindow 77DDCD8B 5 Bytes JMP 6E46DD1D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateWindowExW 77DE1305 5 Bytes JMP 6E46DB04 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!GetKeyState 77DE8CB1 5 Bytes JMP 6E46D2CB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!IsDialogMessageW 77DF0745 5 Bytes JMP 6E3959D7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogParamA 77DF17AA 5 Bytes JMP 6E565F95 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!IsDialogMessage 77DF1847 5 Bytes JMP 6E565831 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogIndirectParamA 77DF26F1 5 Bytes JMP 6E565FCC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogIndirectParamW 77DF9A62 5 Bytes JMP 6E566003 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SetKeyboardState 77E00987 5 Bytes JMP 6E565BA0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxParamW 77E010B0 5 Bytes JMP 6E3954C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxIndirectParamW 77E02EF5 5 Bytes JMP 6E565329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SendInput 77E02F75 5 Bytes JMP 6E56675F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!EndDialog 77E0326E 5 Bytes JMP 6E397E7E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SetCursorPos 77E16FB2 5 Bytes JMP 6E5667B3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxParamA 77E18152 5 Bytes JMP 6E5652C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxIndirectParamA 77E1847D 5 Bytes JMP 6E56538C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxIndirectA 77E2D4D9 5 Bytes JMP 6E56525B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxIndirectW 77E2D5D3 5 Bytes JMP 6E5651F0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxExA 77E2D639 5 Bytes JMP 6E56518E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxExW 77E2D65D 5 Bytes JMP 6E56512C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!keybd_event 77E2D972 5 Bytes JMP 6E566AE3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] SHELL32.dll!SHRestricted + D95 768789A8 4 Bytes [4D, 30, 1A, 70]
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] SHELL32.dll!SHRestricted + D9D 768789B0 8 Bytes [57, 2F, 1A, 70, 9C, 5B, 19, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] ole32.dll!OleLoadFromStream 77A31E80 5 Bytes JMP 6E565691 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] ole32.dll!CoCreateInstance 77A69F3E 5 Bytes JMP 6E46DB60 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogParamW 77DD72A2 5 Bytes JMP 6E46DE90 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!GetAsyncKeyState 77DD863C 5 Bytes JMP 6E388EFF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SetWindowsHookExW 77DD87AD 5 Bytes JMP 6E469A91 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CallNextHookEx 77DD8E3B 5 Bytes JMP 6E45D0CD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!UnhookWindowsHookEx 77DD98DB 5 Bytes JMP 6E3D466E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!EnableWindow 77DDCD8B 5 Bytes JMP 6E46DD1D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateWindowExW 77DE1305 5 Bytes JMP 6E46DB04 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!GetKeyState 77DE8CB1 5 Bytes JMP 6E46D2CB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!IsDialogMessageW 77DF0745 5 Bytes JMP 6E3959D7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogParamA 77DF17AA 5 Bytes JMP 6E565F95 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!IsDialogMessage 77DF1847 5 Bytes JMP 6E565831 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogIndirectParamA 77DF26F1 5 Bytes JMP 6E565FCC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!CreateDialogIndirectParamW 77DF9A62 5 Bytes JMP 6E566003 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SetKeyboardState 77E00987 5 Bytes JMP 6E565BA0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxParamW 77E010B0 5 Bytes JMP 6E3954C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxIndirectParamW 77E02EF5 5 Bytes JMP 6E565329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SendInput 77E02F75 5 Bytes JMP 6E56675F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!EndDialog 77E0326E 5 Bytes JMP 6E397E7E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!SetCursorPos 77E16FB2 5 Bytes JMP 6E5667B3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxParamA 77E18152 5 Bytes JMP 6E5652C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!DialogBoxIndirectParamA 77E1847D 5 Bytes JMP 6E56538C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxIndirectA 77E2D4D9 5 Bytes JMP 6E56525B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxIndirectW 77E2D5D3 5 Bytes JMP 6E5651F0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxExA 77E2D639 5 Bytes JMP 6E56518E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!MessageBoxExW 77E2D65D 5 Bytes JMP 6E56512C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] USER32.dll!keybd_event 77E2D972 5 Bytes JMP 6E566AE3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] SHELL32.dll!SHRestricted + D95 768789A8 4 Bytes [4D, 30, 1A, 70]
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] SHELL32.dll!SHRestricted + D9D 768789B0 8 Bytes [57, 2F, 1A, 70, 9C, 5B, 19, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] ole32.dll!OleLoadFromStream 77A31E80 5 Bytes JMP 6E565691 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3700] ole32.dll!CoCreateInstance 77A69F3E 5 Bytes JMP 6E46DB60 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [7018E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [70190994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70191D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7018DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7018D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7019FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [701A051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [7019EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [7019F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [7019EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [7019E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [7019ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [7018E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [70192CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [70192926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [7018BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [7019173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [7018BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [70190F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [701914E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [7018ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [70191D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [7018C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [7019103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [70190994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [70191614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [70190921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [7018A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [7018E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [70190C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [7018DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [7018D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [7018D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [7018C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [7018BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [7018E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [70192CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [70192926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [701923A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [7018BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [7018FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [7018F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [7019ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [7019E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [7019EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [7019F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [7019E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [7019E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [7019EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [701A020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [7019F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [7019EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7019FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [7019F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [701A051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [7019FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [701A0085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [701A0395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [7019FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [7019F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [7018CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [70190C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [7018D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [7018D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7018DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [7018EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70191D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [7018E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [7018CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [70190994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [7018C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [7018BD77] C:\Program Files\Internet
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm

Re: Google Redirect

Unread postby atlmsl » August 30th, 2011, 6:38 pm

Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [7018CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7018D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [70191614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [7019103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [7018C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [701909B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [7018C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [7018C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [7018C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [7018F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [7018FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [7018F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [7019620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [70197595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [701960AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [7019615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [701975E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [70196533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [7019799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [7019684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [70196E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [70196AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [70196B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [70197281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [70196716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [701971ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [70197021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [70197FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [70197159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [701968E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [70196BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [70196803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [70196F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [701963A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [701980BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [70198513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [70198176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [701965DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [70197BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [70198235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [7019697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [70196DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [70196D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [7019731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [70196EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [70196C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [70196AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [701978EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [701963F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [701976D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [70198732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [7019777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [70197831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [7019667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [70197636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [7018BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [7018C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [7018C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [70198235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [701981D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [701972CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [701975E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [701976D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [701965DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [7019788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [701986D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [701978EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [70198732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [70196533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\Iphlpapi.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [7018E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [70190994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70191D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7018DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7018D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7019FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [701A051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [7019EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [7019F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [7019EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [7019E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [7019ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [7018E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [70192CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [70192926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [7018BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [7019173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [7018BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [70190F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [701914E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [7018ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [70191D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [7018C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [7019103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [70190994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [70191614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [70190921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [7018A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [7018E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [70190C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [7018DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [7018D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [7018D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [7018C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [7018BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [7018E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [70192CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [70192926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [701923A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [7018BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [7018FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [7018F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [7019ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [7019E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [7019EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [7019F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [7019E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [7019E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [7019EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [701A020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [7019F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [7019EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7019FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [7019F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [701A051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [7019FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [701A0085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [701A0395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [7019FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [7019F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [7018CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [70192999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [70190C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [7018D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [7018D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7018DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [7018EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70191D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [7018E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [7018CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [70190994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [7018C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [7018BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [7018CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7018D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [70191614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [7019103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [7018C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [701909B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [7018C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [7018C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [7018C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [7018F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [7018FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [7018F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [7019620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [70197595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [701960AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [7019615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [701975E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [70196533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [7019799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [7019684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [70196E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [70196AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [70196B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [70197281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [70196716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [701971ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [70197021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [70197FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [70197159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [701968E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [70196BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [70196803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [70196F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [701963A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [701980BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [70198513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [70198176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [701965DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [70197BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [70198235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [7019697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [70196DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [70196D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [7019731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [70196EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [70196C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [70196AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [701978EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [701963F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [701976D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [70198732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [7019777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [70197831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [7019667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [70197636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [7018BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [70193ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [70193035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7019007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [70191AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [7018A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [7018EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [7018C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [7018C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [7018E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7018FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [7018BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7018FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [70198235] C:\Program Files\Internet
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm

Re: Google Redirect

Unread postby atlmsl » August 30th, 2011, 6:38 pm

Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [701981D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [701972CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [701975E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [701976D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [701965DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [7019788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [701986D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [701978EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [70198732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [70196533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3700] @ C:\Windows\system32\Iphlpapi.dll [KERNEL32.dll!GetProcAddress] [701882F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~en-US~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~en-US~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~en-US~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~en-US~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-MiniLP~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ar-SA~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~bg-BG~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~cs-CZ~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~da-DK~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~de-DE~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~el-GR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~en-US~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~en-US~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~en-US~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~en-US~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~es-ES~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~et-EE~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fi-FI~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~fr-FR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~he-IL~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hr-HR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~hu-HU~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~it-IT~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ja-JP~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ko-KR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lt-LT~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~lv-LV~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nb-NO~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~nl-NL~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pl-PL~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-BR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~pt-PT~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ro-RO~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~ru-RU~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sk-SK~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sl-SI~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sr-LATN-CS~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~sv-SE~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~th-TH~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~tr-TR~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~uk-UA~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-CN~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-HK~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~zh-TW~6.0.6002.18156@LastError 985089
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~~6.0.6002.18156@CurrentState 4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~~6.0.6002.18156@Visibility 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~~6.0.6002.18156@LastProgressState 6
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-AutomationAPI-Package~31bf3856ad364e35~x86~~6.0.6002.18156@LastError 985089

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior

---- Files - GMER 1.0.15 ----

File C:\Windows\$NtUninstallKB3255$\485945278 0 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\click.tlb 2144 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\L 0 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\L\qnbwvoto 185856 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\loader.tlb 2540 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U 0 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@00000001 41360 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@000000c0 2560 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@000000cb 2048 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@000000cf 1536 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@80000000 25600 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@800000c0 33280 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@800000cb 27648 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@800000cf 27648 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6} 2048 bytes
File C:\Windows\$NtUninstallKB3255$\973188517 0 bytes
File C:\Windows\$NtUninstallKB3255$\485945278 0 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\click.tlb 2144 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\L 0 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\L\qnbwvoto 185856 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\loader.tlb 2540 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U 0 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@00000001 41360 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@000000c0 2560 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@000000cb 2048 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@000000cf 1536 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@80000000 25600 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@800000c0 33280 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@800000cb 27648 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\U\@800000cf 27648 bytes
File C:\Windows\$NtUninstallKB3255$\485945278\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6} 2048 bytes
File C:\Windows\$NtUninstallKB3255$\973188517 0 bytes
File C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\153c-0 0 bytes
File C:\Windows\assembly\NativeImages_v4.0.30319_32\index1bf.dat 0 bytes
File C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18484_none_b812979c99b8bbc4 0 bytes
File C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18484_none_b812979c99b8bbc4\winsrv.dll 375808 bytes executable
File C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22662_none_b8afd591b2c7ee25 0 bytes
File C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22662_none_b8afd591b2c7ee25\winsrv.dll 375808 bytes executable
File C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22629_none_74a844e0d1dd31ac 0 bytes
File C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22629_none_74a844e0d1dd31ac\bth.inf 35812 bytes
File C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22629_none_74a844e0d1dd31ac\bthenum.sys 22528 bytes executable
File C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22629_none_74a844e0d1dd31ac\bthport.sys 508928 bytes executable
File C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22629_none_74a844e0d1dd31ac\BTHUSB.SYS 30208 bytes executable
File C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22629_none_74a844e0d1dd31ac\fsquirt.exe 196608 bytes executable
File C:\Windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6002.18222_none_9be4d87dce90ac67 0 bytes
File C:\Windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6002.18222_none_9be4d87dce90ac67\System.Security.dll 258048 bytes executable

---- EOF - GMER 1.0.15 ----
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm

Re: Google Redirect

Unread postby deltalima » August 31st, 2011, 3:32 am

Hi atlmsl,

TDSSKiller

  • Please Download TDSSKiller.zip and save it on your desktop.
  • Extract (unzip) its contents to your Desktop.
  • Double-click the TDSSKiller Folder on your desktop.
  • Right-click on TDSSKiller.exe and click Copy then Paste it directly on to your Desktop.
  • Important!: Run this fix once and once only.
  • Right click the TDSSKiller icon on you're desktop and select: Run as Administrator.
  • A box will appear saying System scan completed.
  • If any Malicious objects are found click Cure > Continue > Reboot now.
  • A log file should be created on your C: drive named something like TDSSKiller.2.4.0.0 24.07.2010.
  • To find the log click Start > Computer > C:.
  • Please post the contents of that log in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google Redirect

Unread postby atlmsl » August 31st, 2011, 7:25 am

2011/08/31 06:31:35.0154 5744 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/31 06:31:35.0684 5744 ================================================================================
2011/08/31 06:31:35.0684 5744 SystemInfo:
2011/08/31 06:31:35.0684 5744
2011/08/31 06:31:35.0684 5744 OS Version: 6.0.6002 ServicePack: 2.0
2011/08/31 06:31:35.0684 5744 Product type: Workstation
2011/08/31 06:31:35.0684 5744 ComputerName: EMILY-PC
2011/08/31 06:31:35.0684 5744 UserName: Emily
2011/08/31 06:31:35.0684 5744 Windows directory: C:\Windows
2011/08/31 06:31:35.0684 5744 System windows directory: C:\Windows
2011/08/31 06:31:35.0684 5744 Processor architecture: Intel x86
2011/08/31 06:31:35.0684 5744 Number of processors: 2
2011/08/31 06:31:35.0684 5744 Page size: 0x1000
2011/08/31 06:31:35.0684 5744 Boot type: Normal boot
2011/08/31 06:31:35.0684 5744 ================================================================================
2011/08/31 06:31:37.0291 5744 Initialize success
2011/08/31 06:31:56.0728 3348 Deinitialize success







2011/08/31 06:32:35.0416 0900 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/31 06:32:35.0806 0900 ================================================================================
2011/08/31 06:32:35.0806 0900 SystemInfo:
2011/08/31 06:32:35.0806 0900
2011/08/31 06:32:35.0806 0900 OS Version: 6.0.6002 ServicePack: 2.0
2011/08/31 06:32:35.0806 0900 Product type: Workstation
2011/08/31 06:32:35.0806 0900 ComputerName: EMILY-PC
2011/08/31 06:32:35.0806 0900 UserName: Emily
2011/08/31 06:32:35.0806 0900 Windows directory: C:\Windows
2011/08/31 06:32:35.0806 0900 System windows directory: C:\Windows
2011/08/31 06:32:35.0806 0900 Processor architecture: Intel x86
2011/08/31 06:32:35.0806 0900 Number of processors: 2
2011/08/31 06:32:35.0806 0900 Page size: 0x1000
2011/08/31 06:32:35.0806 0900 Boot type: Normal boot
2011/08/31 06:32:35.0806 0900 ================================================================================
2011/08/31 06:32:36.0898 0900 Initialize success
2011/08/31 06:32:53.0902 1088 ================================================================================
2011/08/31 06:32:53.0902 1088 Scan started
2011/08/31 06:32:53.0902 1088 Mode: Manual;
2011/08/31 06:32:53.0902 1088 ================================================================================
2011/08/31 06:32:56.0398 1088 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/08/31 06:32:56.0944 1088 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/08/31 06:32:57.0334 1088 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/08/31 06:32:57.0834 1088 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/08/31 06:32:57.0958 1088 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/08/31 06:32:58.0114 1088 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/08/31 06:32:58.0582 1088 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/08/31 06:32:58.0785 1088 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/08/31 06:32:59.0035 1088 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/08/31 06:32:59.0284 1088 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/08/31 06:32:59.0815 1088 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/08/31 06:32:59.0924 1088 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/08/31 06:33:00.0018 1088 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
2011/08/31 06:33:00.0158 1088 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/08/31 06:33:00.0205 1088 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/08/31 06:33:00.0314 1088 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/08/31 06:33:00.0408 1088 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/08/31 06:33:00.0579 1088 athr (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys
2011/08/31 06:33:00.0798 1088 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
2011/08/31 06:33:00.0907 1088 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/08/31 06:33:01.0047 1088 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/08/31 06:33:01.0188 1088 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/08/31 06:33:01.0281 1088 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/08/31 06:33:01.0375 1088 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/08/31 06:33:01.0562 1088 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/08/31 06:33:01.0624 1088 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/08/31 06:33:01.0718 1088 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/08/31 06:33:01.0796 1088 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/08/31 06:33:01.0921 1088 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/08/31 06:33:02.0046 1088 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/08/31 06:33:02.0124 1088 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/08/31 06:33:02.0202 1088 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/08/31 06:33:02.0326 1088 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/08/31 06:33:02.0482 1088 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/08/31 06:33:02.0560 1088 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/08/31 06:33:02.0670 1088 CnxtHdAudService (dda0cb141150fef87419926790cd26c8) C:\Windows\system32\drivers\CHDRT32.sys
2011/08/31 06:33:02.0794 1088 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/08/31 06:33:02.0841 1088 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/08/31 06:33:02.0935 1088 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/08/31 06:33:03.0106 1088 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/08/31 06:33:03.0294 1088 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/08/31 06:33:03.0465 1088 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/08/31 06:33:03.0559 1088 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
2011/08/31 06:33:03.0699 1088 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/08/31 06:33:03.0902 1088 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/08/31 06:33:04.0058 1088 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/08/31 06:33:04.0167 1088 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/08/31 06:33:04.0339 1088 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/08/31 06:33:04.0432 1088 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/08/31 06:33:04.0573 1088 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/08/31 06:33:04.0729 1088 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/08/31 06:33:04.0822 1088 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/08/31 06:33:04.0916 1088 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/08/31 06:33:05.0010 1088 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/08/31 06:33:05.0150 1088 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/08/31 06:33:05.0197 1088 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/08/31 06:33:05.0353 1088 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/08/31 06:33:05.0524 1088 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/08/31 06:33:05.0618 1088 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/08/31 06:33:05.0727 1088 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/08/31 06:33:05.0774 1088 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/08/31 06:33:05.0883 1088 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/08/31 06:33:05.0992 1088 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/08/31 06:33:06.0086 1088 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
2011/08/31 06:33:06.0180 1088 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
2011/08/31 06:33:06.0289 1088 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/08/31 06:33:06.0429 1088 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/08/31 06:33:06.0585 1088 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/08/31 06:33:06.0694 1088 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/08/31 06:33:06.0819 1088 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/08/31 06:33:06.0897 1088 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/08/31 06:33:06.0960 1088 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/08/31 06:33:07.0069 1088 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/08/31 06:33:07.0194 1088 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/08/31 06:33:07.0272 1088 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/08/31 06:33:07.0365 1088 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/08/31 06:33:07.0506 1088 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/08/31 06:33:07.0599 1088 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/08/31 06:33:07.0693 1088 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/08/31 06:33:07.0755 1088 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/08/31 06:33:07.0849 1088 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/08/31 06:33:07.0927 1088 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/08/31 06:33:08.0005 1088 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/08/31 06:33:08.0083 1088 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/08/31 06:33:08.0161 1088 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/08/31 06:33:08.0270 1088 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/08/31 06:33:08.0426 1088 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/08/31 06:33:08.0520 1088 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/08/31 06:33:08.0598 1088 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/08/31 06:33:08.0707 1088 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/08/31 06:33:08.0754 1088 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/08/31 06:33:08.0894 1088 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/08/31 06:33:08.0956 1088 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/08/31 06:33:09.0066 1088 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/08/31 06:33:09.0175 1088 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/08/31 06:33:09.0237 1088 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/08/31 06:33:09.0300 1088 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/08/31 06:33:09.0378 1088 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\drivers\mouhid.sys
2011/08/31 06:33:09.0424 1088 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/08/31 06:33:09.0518 1088 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/08/31 06:33:09.0580 1088 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/08/31 06:33:09.0674 1088 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/08/31 06:33:09.0799 1088 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/08/31 06:33:09.0877 1088 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/08/31 06:33:09.0955 1088 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/08/31 06:33:10.0080 1088 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/08/31 06:33:10.0189 1088 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/08/31 06:33:10.0251 1088 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/08/31 06:33:10.0360 1088 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/08/31 06:33:10.0454 1088 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/08/31 06:33:10.0563 1088 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/08/31 06:33:10.0626 1088 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/08/31 06:33:10.0688 1088 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/08/31 06:33:10.0782 1088 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/08/31 06:33:10.0906 1088 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/08/31 06:33:10.0984 1088 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/08/31 06:33:11.0125 1088 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/08/31 06:33:11.0250 1088 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/08/31 06:33:11.0374 1088 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/08/31 06:33:11.0452 1088 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/08/31 06:33:11.0530 1088 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/08/31 06:33:11.0624 1088 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/08/31 06:33:11.0718 1088 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/08/31 06:33:11.0780 1088 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/08/31 06:33:11.0858 1088 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/08/31 06:33:11.0967 1088 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/08/31 06:33:12.0045 1088 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/08/31 06:33:12.0154 1088 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/08/31 06:33:12.0342 1088 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/08/31 06:33:12.0513 1088 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/08/31 06:33:12.0576 1088 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/08/31 06:33:12.0747 1088 NVENETFD (ae78a7285df03a277415fc62f8ce8f24) C:\Windows\system32\DRIVERS\nvmfdx32.sys
2011/08/31 06:33:12.0919 1088 NVHDA (57945c4c155a79cf3e0f463e3cc9923e) C:\Windows\system32\drivers\nvhda32v.sys
2011/08/31 06:33:13.0387 1088 nvlddmkm (9dac05d828e56801fd6ce5fdfced64af) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/08/31 06:33:13.0699 1088 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/08/31 06:33:13.0792 1088 nvsmu (0fb6bf3ab170fc5bd403d25e134eafde) C:\Windows\system32\DRIVERS\nvsmu.sys
2011/08/31 06:33:13.0839 1088 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/08/31 06:33:13.0917 1088 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/08/31 06:33:14.0167 1088 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/08/31 06:33:14.0370 1088 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/08/31 06:33:14.0463 1088 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/08/31 06:33:14.0541 1088 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/08/31 06:33:14.0650 1088 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/08/31 06:33:14.0728 1088 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2011/08/31 06:33:14.0838 1088 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/08/31 06:33:14.0962 1088 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/08/31 06:33:15.0259 1088 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/08/31 06:33:15.0321 1088 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
2011/08/31 06:33:15.0446 1088 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/08/31 06:33:15.0571 1088 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/08/31 06:33:15.0664 1088 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/08/31 06:33:15.0774 1088 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/08/31 06:33:15.0867 1088 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/08/31 06:33:15.0992 1088 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/08/31 06:33:16.0132 1088 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/08/31 06:33:16.0210 1088 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/08/31 06:33:16.0304 1088 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/08/31 06:33:16.0398 1088 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/08/31 06:33:16.0476 1088 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/08/31 06:33:16.0538 1088 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/08/31 06:33:16.0678 1088 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/08/31 06:33:16.0928 1088 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/08/31 06:33:17.0006 1088 RTSTOR (4f31cfdebd0a5bc27d45e7ebfefaaf6f) C:\Windows\system32\drivers\RTSTOR.SYS
2011/08/31 06:33:17.0084 1088 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/08/31 06:33:17.0193 1088 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/08/31 06:33:17.0334 1088 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/08/31 06:33:17.0380 1088 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/08/31 06:33:17.0505 1088 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/08/31 06:33:17.0724 1088 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/08/31 06:33:17.0786 1088 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/31 06:33:17.0880 1088 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/31 06:33:17.0942 1088 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/08/31 06:33:18.0067 1088 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/08/31 06:33:18.0114 1088 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/08/31 06:33:18.0207 1088 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/08/31 06:33:18.0363 1088 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/08/31 06:33:18.0488 1088 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/08/31 06:33:18.0582 1088 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/08/31 06:33:18.0691 1088 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/08/31 06:33:18.0769 1088 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/08/31 06:33:18.0894 1088 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/08/31 06:33:18.0956 1088 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/08/31 06:33:19.0050 1088 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/08/31 06:33:19.0112 1088 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/08/31 06:33:19.0237 1088 SynTP (00b19f27858f56181edb58b71a7c67a0) C:\Windows\system32\DRIVERS\SynTP.sys
2011/08/31 06:33:19.0471 1088 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/08/31 06:33:19.0658 1088 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/08/31 06:33:19.0767 1088 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/08/31 06:33:19.0845 1088 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/08/31 06:33:19.0923 1088 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/08/31 06:33:20.0017 1088 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/08/31 06:33:20.0095 1088 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/08/31 06:33:20.0251 1088 tmactmon (02ffe7402fb07f2f64d1ac6866345087) C:\Windows\system32\DRIVERS\tmactmon.sys
2011/08/31 06:33:20.0329 1088 tmcomm (8762cb58a489b385feef2aea7f7718f3) C:\Windows\system32\DRIVERS\tmcomm.sys
2011/08/31 06:33:20.0438 1088 tmevtmgr (efe60b70fa964459dde55039c5b05be7) C:\Windows\system32\DRIVERS\tmevtmgr.sys
2011/08/31 06:33:20.0516 1088 tmlwf (d5ce61a14f7489d1ae827de8ddd9a87d) C:\Windows\system32\DRIVERS\tmlwf.sys
2011/08/31 06:33:20.0625 1088 tmpreflt (9cbbe54780770fdb7aaa73be530e4d80) C:\Windows\system32\DRIVERS\tmpreflt.sys
2011/08/31 06:33:20.0703 1088 tmtdi (ce1321671eee4520b9b50cd513f67dad) C:\Windows\system32\DRIVERS\tmtdi.sys
2011/08/31 06:33:20.0828 1088 tmwfp (abd052191da6d8d6f5357c600a179d48) C:\Windows\system32\DRIVERS\tmwfp.sys
2011/08/31 06:33:20.0906 1088 tmxpflt (6cc393305bd60056ca09a4c8032a169a) C:\Windows\system32\DRIVERS\tmxpflt.sys
2011/08/31 06:33:21.0062 1088 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/08/31 06:33:21.0124 1088 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/08/31 06:33:21.0234 1088 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/08/31 06:33:21.0358 1088 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/08/31 06:33:21.0468 1088 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/08/31 06:33:21.0624 1088 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/08/31 06:33:21.0717 1088 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/08/31 06:33:21.0795 1088 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/08/31 06:33:21.0889 1088 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/08/31 06:33:21.0967 1088 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/08/31 06:33:22.0138 1088 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/08/31 06:33:22.0232 1088 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/08/31 06:33:22.0341 1088 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/08/31 06:33:22.0404 1088 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/08/31 06:33:22.0497 1088 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/31 06:33:22.0606 1088 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2011/08/31 06:33:22.0700 1088 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/08/31 06:33:22.0825 1088 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/08/31 06:33:22.0934 1088 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/08/31 06:33:23.0090 1088 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/31 06:33:23.0137 1088 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/08/31 06:33:23.0246 1088 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/08/31 06:33:23.0308 1088 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/08/31 06:33:23.0371 1088 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/08/31 06:33:23.0464 1088 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/08/31 06:33:23.0558 1088 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/08/31 06:33:23.0667 1088 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/08/31 06:33:23.0776 1088 vsapint (bbdd84ca629c1f7c8172b4405867f196) C:\Windows\system32\DRIVERS\vsapint.sys
2011/08/31 06:33:23.0932 1088 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/08/31 06:33:24.0073 1088 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/08/31 06:33:24.0151 1088 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/31 06:33:24.0198 1088 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/31 06:33:24.0276 1088 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/08/31 06:33:24.0385 1088 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/31 06:33:24.0650 1088 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/08/31 06:33:24.0978 1088 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/08/31 06:33:25.0102 1088 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/08/31 06:33:25.0196 1088 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/31 06:33:25.0336 1088 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/31 06:33:25.0430 1088 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
2011/08/31 06:33:25.0524 1088 MBR (0x1B8) (058abf4b2db2b8e056ed235995c6813a) \Device\Harddisk0\DR0
2011/08/31 06:33:25.0524 1088 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.a (0)
2011/08/31 06:33:25.0555 1088 Boot (0x1200) (8114c1c2de62ff6d5241e76bc0f1bf10) \Device\Harddisk0\DR0\Partition0
2011/08/31 06:33:25.0602 1088 Boot (0x1200) (3e5321bf05349402410778864528176c) \Device\Harddisk0\DR0\Partition1
2011/08/31 06:33:25.0617 1088 ================================================================================
2011/08/31 06:33:25.0617 1088 Scan finished
2011/08/31 06:33:25.0617 1088 ================================================================================
2011/08/31 06:33:25.0648 4920 Detected object count: 1
2011/08/31 06:33:25.0648 4920 Actual detected object count: 1
2011/08/31 06:33:43.0245 4920 \Device\Harddisk0\DR0 (Rootkit.Boot.Pihar.a) - will be cured after reboot
2011/08/31 06:33:43.0245 4920 \Device\Harddisk0\DR0 - ok
2011/08/31 06:33:43.0245 4920 Rootkit.Boot.Pihar.a(\Device\Harddisk0\DR0) - User select action: Cure
2011/08/31 06:33:48.0144 5196 Deinitialize success
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm

Re: Google Redirect

Unread postby deltalima » August 31st, 2011, 7:50 am

Hi atlmsl,

Run OTL Script

  • Right click OTL.exe and select: Run as Administrator.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :processes
    killallprocesses
    :otl
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AutoUpdateDisableNotify" = 0
    :commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Please let me know how the computer is running now.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google Redirect

Unread postby atlmsl » August 31st, 2011, 9:15 am

All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"AutoUpdateDisableNotify" | 0 /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Emily
->Temp folder emptied: 11186088 bytes
->Temporary Internet Files folder emptied: 67109178 bytes
->Java cache emptied: 51038147 bytes
->Flash cache emptied: 1311 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 64512 bytes
Windows Temp folder emptied: 68598301 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 189.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Emily
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.7 log created on 08312011_090814

Files\Folders moved on Reboot...
C:\Users\Emily\AppData\Local\Temp\ehmsas.txt moved successfully.
File\Folder C:\Users\Emily\AppData\Local\Temp\~DFAB31.tmp not found!
File\Folder C:\Users\Emily\AppData\Local\Temp\~DFAC4E.tmp not found!
File\Folder C:\Users\Emily\AppData\Local\Temp\~DFAE06.tmp not found!
File\Folder C:\Users\Emily\AppData\Local\Temp\~DFAE64.tmp not found!
C:\Users\Emily\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O582ZAQ9\viewtopic[1].htm moved successfully.
C:\Users\Emily\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\Emily\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm

Re: Google Redirect

Unread postby deltalima » August 31st, 2011, 9:24 am

And how is the computer running now?
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google Redirect

Unread postby atlmsl » August 31st, 2011, 9:26 am

Everything seems to be running okay now. I'll keep playing with it to see if any problems show.
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm

Re: Google Redirect

Unread postby deltalima » August 31st, 2011, 9:31 am

Hi atlmsl,

Now that you are clean, please follow these steps in order to keep your computer clean and secure.

Update Adobe Reader

  • You should Download and Install the newest version of Adobe Reader for reading pdf files.
  • Older versions may have vulnerabilities that malware can use to infect your system.
  • Go Here to download and install Adobe Reader X (10.0.3).
  • Note: remember to Uncheck Free McAfee® Security Scan Plus (optional)

Update Java Runtime

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 27.
  • Download the latest version of Java Runtime Environment (JRE) 6 Here
  • Scroll down to where it says "JDK 6 Update 27 (JDK or JRE)"
  • Click the orange Download JRE button to the right
  • Select the Windows platform from the dropdown menu
  • Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh
  • Click on the link to download Windows Offline Installation & save the file to your desktop
  • Close any programs you may have running - especially your web browser
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions
  • Reboot your computer once all Java components are removed
  • Then from your desktop double-click on jre-6u27-windows-i586-p.exe to install the newest version


Clean up with OTL

  • Double-click OTL.exe to start the program. This will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.


Update your AntiVirus Software and keep your other programs up-to-date
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.

Here are some additional utilities that will enhance your safety


Happy surfing and stay clean!
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google Redirect

Unread postby atlmsl » August 31st, 2011, 11:26 am

Thank you so very much. I have updated everything as you recommended. I really appreciate your help.
atlmsl
Regular Member
 
Posts: 40
Joined: August 25th, 2011, 6:12 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 29 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware