Could it be an infection?

jaxdacool1 · June 22, 2009, 4:43am

Hello, I am a new member and to be honest the sole purpose of me joining this community was because I suspect I may have gotten an infection in my Computer. I did happen to open a "suspicious" .exe file which I slightly regret now, but I would like your help. I believe I have MSIVXserv.sys problem going on. As I researched on the internet a bit, I found that this was a spyware, so I tried to remove it personally, but did no good as whenever I try to run Norton Antivirus, it stays at 0% and my definitions cannot be bothered to be updated. I am willing to co-operate but would really like some help in this. Please tell me what information should I include in my next post which would help you guys to help me solve my problem...

For starters. I am running Windows Vista Home Premium Edition x86 (32 bit) on my Toshiba Satellite Laptop.

jaxdacool1 · June 22, 2009, 4:43am

Hello, I am a new member and to be honest the sole purpose of me joining this community was because I suspect I may have gotten an infection in my Computer. I did happen to open a "suspicious" .exe file which I slightly regret now, but I would like your help. I believe I have MSIVXserv.sys problem going on. As I researched on the internet a bit, I found that this was a spyware, so I tried to remove it personally, but did no good as whenever I try to run Norton Antivirus, it stays at 0% and my definitions cannot be bothered to be updated. I am willing to co-operate but would really like some help in this. Please tell me what information should I include in my next post which would help you guys to help me solve my problem...

For starters. I am running Windows Vista Home Premium Edition x86 (32 bit) on my Toshiba Satellite Laptop.

Quads · June 22, 2009, 4:54am

Hi

I Need a GMER log, GMER, http://www.gmer.net/ and "Scan" then "Save" the log, Post the log section from "DEVICES" section to the end of the log.

Please do not use GMER for anything else as it could cause a crash / BSOD.

Thanks

Quads

Oh double posting

jaxdacool1 · June 22, 2009, 7:22am

Hello Quads and dbrisendine,

thankyou for your replies... as requested I have downloaded GMER and RootRepeal but when I tried to run RootRepeal, it gave me a driver error stating "Could not load driver (0xc0000035!)". Therefore, I was not able to include RootRepeal logs with this post, although GMER worked just fine and here are the logs...

Quads · June 22, 2009, 8:08am

Where is the log??

Quads

jaxdacool1 · June 22, 2009, 10:38pm

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-06-22 03:09:35
Windows 6.0.6002 Service Pack 2

---- System - GMER 1.0.15 ----

SSDT            87F009F8       ZwAlertResumeThread
SSDT            87F00AD8       ZwAlertThread
SSDT            87EF04A8       ZwAllocateVirtualMemory
SSDT            87EE12F0       ZwConnectPort
SSDT            87F00758       ZwCreateMutant
SSDT            87EF0600       ZwCreateThread
SSDT            87EF0428       ZwFreeVirtualMemory
SSDT            87F00838       ZwImpersonateAnonymousToken
SSDT            87F00918       ZwImpersonateThread
SSDT            87EEF198       ZwMapViewOfSection
SSDT            87F00678       ZwOpenEvent
SSDT            87EE64E0       ZwOpenProcessToken
SSDT            87EFE5A8       ZwOpenThreadToken
SSDT            87E83050       ZwResumeThread
SSDT            87EFF300       ZwSetContextThread
SSDT            87EFE688       ZwSetInformationProcess
SSDT            87EFF220       ZwSetInformationThread
SSDT            87F00598       ZwSuspendProcess
SSDT            87EFF060       ZwSuspendThread
SSDT            87EE1D20       ZwTerminateProcess
SSDT            87EFF140       ZwTerminateThread
SSDT            87EFE768       ZwUnmapViewOfSection
SSDT            87EEF320       ZwWriteVirtualMemory

INT 0x52        ?            86334BF8
INT 0x62        ?              86334BF8
INT 0x82        ?              8487ABF8
INT 0x92        ?              8487ABF8
INT 0xA2        ?              86334BF8

Code            87E814C8       ZwEnumerateKey
Code            87E10730       ZwFlushInstructionCache
Code            87E71E65       IofCallDriver
Code            87E71A46       IofCompleteRequest

jaxdacool1 · June 22, 2009, 10:43pm

---- Kernel code sections - GMER 1.0.15 ----

.text           ntoskrnl.exe!IofCallDriver               8247A11B 5 Bytes JMP 87E71E6A
.text           ntoskrnl.exe!IofCompleteRequest          8247A188 5 Bytes JMP 87E71A4B
.text           ntoskrnl.exe!KeInsertQueue + 30D         824A1944 8 Bytes [F8, 09, F0, 87, D8, 0A, F0, ...]
.text           ntoskrnl.exe!KeInsertQueue + 321         824A1958 4 Bytes [A8, 04, EF, 87]
.text           ntoskrnl.exe!KeInsertQueue + 3B1         824A19E8 4 Bytes [F0, 12, EE, 87]
.text           ntoskrnl.exe!KeInsertQueue + 3E5         824A1A1C 4 Bytes [58, 07, F0, 87]
.text           ntoskrnl.exe!KeInsertQueue + 411         824A1A48 4 Bytes [00, 06, EF, 87]
.text           ...
PAGE            ntoskrnl.exe!ZwFlushInstructionCache     825DC0AA 5 Bytes JMP 87E10734
PAGE            ntoskrnl.exe!ZwEnumerateKey              82607366 5 Bytes JMP 87E814CC
?               System32\Drivers\spjv.sys                The system cannot find the path specified. !
.text           USBPORT.SYS!DllUnload                    8CE9941B 5 Bytes JMP 863341D8
?               C:\Windows\system32\drivers\rootrepeal[1].sys    The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!CreateDialogParamW    776072A2 5 Bytes JMP 6AFBD660 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!GetAsyncKeyState      7760863C 5 Bytes JMP 6AED8E62 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!SetWindowsHookExW     776087AD 5 Bytes JMP 6AFB9271 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!CallNextHookEx        77608E3B 5 Bytes JMP 6AFAC8B9 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!UnhookWindowsHookEx   776098DB 5 Bytes JMP 6AF24284 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!EnableWindow          7760CD8B 5 Bytes JMP 6AFBD4ED C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!CreateWindowExW       77611305 5 Bytes JMP 6AFBD2D4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!GetKeyState           77618CB1 5 Bytes JMP 6AFBCA9B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!IsDialogMessageW      77620745 5 Bytes JMP 6AEE56E7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!CreateDialogParamA    776217AA 5 Bytes JMP 6B0DC018 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!IsDialogMessage       77621847 5 Bytes JMP 6B0DBA1F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!CreateDialogIndirectParamA   776226F1 5 Bytes JMP 6B0DC04F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!CreateDialogIndirectParamW   77629A62 5 Bytes JMP 6B0DC086 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!SetKeyboardState             77630987 5 Bytes JMP 6B0DBD8E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!DialogBoxParamW              776310B0 3 Bytes JMP 6AEE51D5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!DialogBoxParamW + 4          776310B4 1 Byte [F3]
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!DialogBoxIndirectParamW      77632EF5 5 Bytes JMP 6B0DB6FB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!SendInput                    77632F75 5 Bytes JMP 6B0DC703 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!EndDialog                    7763326E 3 Bytes JMP 6AEE7B8E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!EndDialog + 4                77633272 1 Byte [F3]
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!DialogBoxParamA              77648152 5 Bytes JMP 6B0DB698 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!DialogBoxIndirectParamA      7764847D 5 Bytes JMP 6B0DB75E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!MessageBoxIndirectA          7765D4D9 5 Bytes JMP 6B0DB62D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!MessageBoxIndirectW          7765D5D3 5 Bytes JMP 6B0DB5C2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!MessageBoxExA                7765D639 5 Bytes JMP 6B0DB560 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!MessageBoxExW                7765D65D 5 Bytes JMP 6B0DB4FE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] USER32.dll!keybd_event                  7765D972 5 Bytes JMP 6B0DC92F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] SHELL32.dll!SHRestricted + D95          76888988 4 Bytes [5D, 30, AC, 6D]
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] SHELL32.dll!SHRestricted + D9D          76888990 8 Bytes [67, 2F, AC, 6D, 49, 5C, AB, ...]
.text           C:\Program Files\Internet Explorer\iexplore.exe[564] ole32.dll!CoCreateInstance              76299EA6 5 Bytes JMP 6AFBD330 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!CreateWindowExW              77611305 5 Bytes JMP 6AFBD2D4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!DialogBoxParamW              776310B0 3 Bytes JMP 6AEE51D5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!DialogBoxParamW + 4          776310B4 1 Byte [F3]
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!DialogBoxIndirectParamW      77632EF5 5 Bytes JMP 6B0DB6FB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

jaxdacool1 · June 22, 2009, 10:48pm

.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!DialogBoxParamA              77648152 5 Bytes JMP 6B0DB698 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!DialogBoxIndirectParamA      7764847D 5 Bytes JMP 6B0DB75E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!MessageBoxIndirectA          7765D4D9 5 Bytes JMP 6B0DB62D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!MessageBoxIndirectW          7765D5D3 5 Bytes JMP 6B0DB5C2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!MessageBoxExA                7765D639 5 Bytes JMP 6B0DB560 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[892] USER32.dll!MessageBoxExW                7765D65D 5 Bytes JMP 6B0DB4FE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \SystemRoot\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint]                        848792D8
IAT             \SystemRoot\system32\drivers\pci.sys[ntoskrnl.exe!IoDetachDevice]                            [82E78C4C] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\drivers\pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack]               [82E78CA0] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar]                    [82E486D6] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar]                     [82E48042] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort]             [82E48800] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort]                    [82E480C0] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort]              [82E4813E] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\drivers\ataport.SYS[ntoskrnl.exe!DbgBreakPoint]                         8487A2D8
IAT             \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint]                         863342D8
IAT             \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                           [82E57E9C] \SystemRoot\System32\Drivers\spjv.sys
IAT             \SystemRoot\system32\DRIVERS\storport.sys[ntoskrnl.exe!DbgBreakPoint]                        8634D2D8

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]       [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]         [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW]            [6DAB1B90] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]         [6DAB0120] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW]              [6DAAE28D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW]              [6DAB0A38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW]            [6DAAEEEA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW]         [6DAAA3EB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW]   [6DAB1DFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose]          [6DAB3BB7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW]                                [6DAB2A3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

jaxdacool1 · June 22, 2009, 10:51pm

IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW]         [6DAB3110] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]           [6DAAFC85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW]            [6DAAE904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6DAADD00] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]                [6DAAFE0A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]              [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW]    [6DAAD55C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW]            [6DABFCAB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW]               [6DAC0615] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW]               [6DABEC35] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW]            [6DABF90F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW]               [6DABF029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW]             [6DABE6BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey]                 [6DABEE8D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]               [6DAB0120] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]                 [6DAAFC85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW]                    [6DAAE28D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]               [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW]                 [6DAAFE0A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW]                  [6DAAE904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW]                  [6DAB1B90] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW]                  [6DAAEEEA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose]                   [6DAB3BB7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA]              [6DAB2DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA]               [6DAB29CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW]              [6DAB3110] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW]               [6DAB2A3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA]          [6DAABE1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA]        [6DAB17E3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA]          [6DAAC071] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA]            [6DAB0FB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA]            [6DAB158D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA]                 [6DAAEDBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW]          [6DAABF46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW]        [6DAB1DFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW]          [6DAAC19F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW]            [6DAB10E1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

jaxdacool1 · June 22, 2009, 10:57pm

IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW]           [6DAB10E1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW]                [6DAAEEEA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW]                  [6DAB0A38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW]           [6DAB16B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA]                  [6DAB09C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]             [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]               [6DAAFC85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]             [6DAAA063] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]             [6DAAA3EB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA]                [6DAAE7BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW]                [6DAAE904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW]               [6DAAFE0A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]              [6DAAFE0A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW]              [6DAB0D39] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW]   [6DAADD00] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW]     [6DAAD55C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA]     [6DAAD405] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW]                  [6DAAEEEA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]               [6DAB0120] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW]           [6DAAC19F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW]                  [6DAAE904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW]               [6DAB3110] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW]                [6DAB2A3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW]                  [6DAB1B90] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW]           [6DAABF46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA]           [6DAAC071] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA]                  [6DAAE7BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA]               [6DAB2DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA]                [6DAB29CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose]                    [6DAB3BB7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA]                  [6DAB2449] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA]           [6DAABE1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                 [6DAAFC85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]               [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW]                       [6DAAFB4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA]                       [6DAAFA17] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey]                  [6DABEE8D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA]              [6DABE535] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA]                [6DABEEE0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA]             [6DABFAAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA]                [6DABEABD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW]              [6DABE6BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW]                [6DABEC35] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW]                [6DAC0305] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW]               [6DABF5D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW]                [6DABF029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW]             [6DABFCAB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW]             [6DABF90F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW]                [6DAC0615] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW]                  [6DAC0011] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

delphinium · June 22, 2009, 11:00pm

Have you got more to come Jaxdacool1?

jaxdacool1 · June 22, 2009, 11:03pm

IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA]               [6DAC017D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA]               [6DAC048D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA]                 [6DABFEA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA]            [6DABF76F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW]   [6DAAD04C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW]               [6DAB2A3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW]                [6DAB0D39] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6DAAD2CE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW]     [6DAADA7E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW]      [6DAADD00] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW]                 [6DAAEC0C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW]            [6DAB1DFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW]                       [6DAAE28D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW]                  [6DAACB4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                  [6DAB0120] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                  [6DAAA3EB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW]                       [6DAB0A38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW]                  [6DAB3110] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose]                       [6DAB3BB7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA]               [6DAAC7AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA]              [6DAABE1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW]                     [6DAB1B90] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW]           [6DAACDC4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW]        [6DAAD55C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW]                [6DAB16B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW]                [6DAB10E1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW]                     [6DAAEEEA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW]              [6DAAC19F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW]              [6DAABF46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW]                     [6DAB0A5D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW]               [6DAAC8EC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                    [6DAAFE0A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW]                     [6DAAE904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW]            [6DAAC40C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                    [6DAAFC85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW]                [6DAAC67C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW]                        [6DAAF174] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW]                          [6DAAFB4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW]              [6DAAF669] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW]               [6DAB66B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW]           [6DAB62E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

jaxdacool1 · June 22, 2009, 11:07pm

IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW]            [6DAB7670] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW]                   [6DAB6189] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW]                [6DAB6236] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA]                     [6DAB76C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW]                     [6DAB660E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W]                [6DAB7A75] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW]                 [6DAB692A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW]                       [6DAB6F20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA]                      [6DAB6BD6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW]                      [6DAB6C22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW]                 [6DAB735C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW]                  [6DAB67F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW]                   [6DAB72C8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW]                  [6DAB70FC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW]             [6DAB8099] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW]                    [6DAB7234] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW]            [6DAB69C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW]              [6DAB6CBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA]                 [6DAB68DE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW]              [6DAB705C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA]                   [6DAB6480] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW]                    [6DAB8198] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW]                    [6DAB85EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW]                 [6DAB8251] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW]                  [6DAB7C7F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW]                   [6DAB8310] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW]                           [6DAB6A5A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW]                        [6DAB6E88] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW]                             [6DAB6DF0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW]                      [6DAB73FA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW]                        [6DAB6FB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW]                                   [6DAB6D58] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW]                              [6DAB6B8A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW]                                  [6DAB79C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW]                               [6DAB64CF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW]                               [6DAB77B2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW]                                  [6DAB880D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW]                                 [6DAB7859] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW]                                 [6DAB790C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW]                              [6DAB6756] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

jaxdacool1 · June 22, 2009, 11:08pm

IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW]                                 [6DAB7711] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile]                           [6DAABBDC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose]                                     [6DAB3BB7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW]                                [6DAB3110] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                                [6DAB0120] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW]                                   [6DAB1B90] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                [6DAAA3EB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW]                                   [6DAAEEEA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW]                             [6DAAC8EC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW]                          [6DAAC40C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW]                                   [6DAAE904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                                  [6DAAFE0A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW]                            [6DAABF46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                                  [6DAAFC85] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                               [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW]                               [6DAB8310] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA]                               [6DAB82B2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA]                      [6DAB73A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA]                                 [6DAB76C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW]                               [6DAB77B2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW]                           [6DAB66B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA]                                  [6DAB796A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA]                                  [6DAB87B2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW]                                  [6DAB79C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW]                                  [6DAB880D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW]                                 [6DAB660E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress]                              [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress]                              [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                              [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                              [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]                             [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress]                               [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[564] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress]                             [6DAA82E6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

jaxdacool1 · June 22, 2009, 11:11pm

---- Devices - GMER 1.0.15 ----

Device                                                        8520F1F8
Device                                                        Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device                                                        B45551F8
Device                                                        udfs.sys (UDF File System Driver/Microsoft Corporation)
Device          \Driver\sptd \Device\2391631334               spjv.sys
Device          \Driver\volmgr \Device\VolMgrControl          8487C1F8
Device          \Driver\usbuhci \Device\USBPDO-0              862201F8
Device          \Driver\usbuhci \Device\USBPDO-1              862201F8
Device          \Driver\usbuhci \Device\USBPDO-2              862201F8
Device          \Driver\usbuhci \Device\USBPDO-3              862201F8
Device          \Driver\usbehci \Device\USBPDO-4              862551F8

AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device          \Driver\volmgr \Device\HarddiskVolume1        8487C1F8
Device          \Driver\volmgr \Device\HarddiskVolume2        8487C1F8
Device          \Driver\cdrom \Device\CdRom0                  863D5498
Device          \Driver\cdrom \Device\CdRom1                  863D5498
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0   8520D1F8
Device          \Driver\atapi \Device\Ide\IdePort0            8520D1F8
Device          \Driver\atapi \Device\Ide\IdePort1            8520D1F8
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1   8520D1F8
Device          \Driver\volmgr \Device\HarddiskVolume3        8487C1F8
Device          \Driver\netbt \Device\NetBt_Wins_Export       87EC91F8
Device          \Driver\netbt \Device\NetBT_Tcpip_{39AC9E9C-FEF0-448E-9382-D7A44A682AD7}     87EC91F8
Device          \Driver\Smb \Device\NetbiosSmb                                               87EB11F8
Device          \Driver\PCI_PNP5318 \Device\0000004d                                         spjv.sys
Device          \Driver\netbt \Device\NetBT_Tcpip_{137CAF29-491A-4829-81B8-3A3202B9672C}     87EC91F8
Device          \Driver\iScsiPrt \Device\RaidPort0                                           8634C1F8

AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device          \Driver\usbuhci \Device\USBFDO-0              862201F8
Device          \Driver\usbuhci \Device\USBFDO-1              862201F8
Device          \Driver\usbuhci \Device\USBFDO-2              862201F8
Device          \Driver\usbuhci \Device\USBFDO-3              862201F8
Device          \Driver\usbehci \Device\USBFDO-4              862551F8
Device          \Driver\azamf4ic \Device\Scsi\azamf4ic1       863DB1F8
Device          \Driver\azamf4ic \Device\Scsi\azamf4ic1Port3Path0Target0Lun0     863DB1F8
Device          \FileSystem\cdfs \Cdfs                                           93FCA1F8

jaxdacool1 · June 22, 2009, 11:14pm

---- Services - GMER 1.0.15 ----

Service C:\Windows\system32\drivers\MSIVXvdfvyeqqnnqvoebtirqdlpmwybtnajna.sys (*** hidden *** ) [SYSTEM] MSIVXserv.sys <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys@start                     1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys@type                      1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys@imagepath                 \systemroot\system32\drivers\MSIVXvdfvyeqqnnqvoebtirqdlpmwybtnajna.sys
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys@group                     file system
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys\modules
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys\modules@MSIVXserv         \\?\globalroot\systemroot\system32\drivers\MSIVXvdfvyeqqnnqvoebtirqdlpmwybtnajna.sys
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys\modules@MSIVXl            \\?\globalroot\systemroot\system32\MSIVXcxqscryjwtbrgngidvgieqbbxsrhxdpq.dll
Reg             HKLM\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys\modules@MSIVXclk          \\?\globalroot\systemroot\system32\MSIVXttvmxcpssrxxrdpvefpifpvlyiwiryso.dll
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                             771343423
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                             285507792
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                             2
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0         C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0         1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12      0x32 0xA5 0x67 0x5D ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0    0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12   0x91 0xC5 0x74 0x19 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12   0x2D 0x54 0xA0 0x41 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                    0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                 0x6F 0x51 0xC5 0xD6 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh        0x07 0x82 0x46 0xA3 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x3A 0x81 0x58 0x89 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x65 0x1D 0x44 0xB6 ...

jaxdacool1 · June 22, 2009, 11:17pm

Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys@start                1
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys@type                 1
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys@imagepath            \systemroot\system32\drivers\MSIVXvdfvyeqqnnqvoebtirqdlpmwybtnajna.sys
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys@group                file system
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys\modules
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys\modules@MSIVXserv    \\?\globalroot\systemroot\system32\drivers\MSIVXvdfvyeqqnnqvoebtirqdlpmwybtnajna.sys
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys\modules@MSIVXl       \\?\globalroot\systemroot\system32\MSIVXcxqscryjwtbrgngidvgieqbbxsrhxdpq.dll
Reg             HKLM\SYSTEM\ControlSet003\Services\MSIVXserv.sys\modules@MSIVXclk     \\?\globalroot\systemroot\system32\MSIVXttvmxcpssrxxrdpvefpifpvlyiwiryso.dll
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0      C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0      1
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12   0x32 0xA5 0x67 0x5D ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0   0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12    0x91 0xC5 0x74 0x19 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12    0x64 0x9E 0x13 0x82 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                     0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                  0x6F 0x51 0xC5 0xD6 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh         0x07 0x82 0x46 0xA3 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh   0x3A 0x81 0x58 0x89 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh   0x65 0x1D 0x44 0xB6 ...
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F39B6DC4-7940-9A91-F3AB-4FD2C051E8B3}
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F39B6DC4-7940-9A91-F3AB-4FD2C051E8B3}@jaofijahekpehginoggb              0x66 0x61 0x62 0x63 ...
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F39B6DC4-7940-9A91-F3AB-4FD2C051E8B3}@pagebhfcncjcabkeedfmoipkcbikjgah 0x65 0x61 0x62 0x63 ...
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F39B6DC4-7940-9A91-F3AB-4FD2C051E8B3}@haofijahekpehgin                  0x6E 0x62 0x62 0x63 ...

---- Files - GMER 1.0.15 ----

File            C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LCF0LZVS\MSIVXSERV.SYS[1].htm                             5516 bytes
File            C:\Windows\System32\drivers\MSIVXvdfvyeqqnnqvoebtirqdlpmwybtnajna.sys                                                                             77824 bytes executable                                                                                                    <-- ROOTKIT !!!
File            C:\Windows\System32\MSIVXcount                                                                                                                    4 bytes
File            C:\Windows\System32\MSIVXcxqscryjwtbrgngidvgieqbbxsrhxdpq.dll                                                                                     25600 bytes executable
File            C:\Windows\System32\MSIVXttvmxcpssrxxrdpvefpifpvlyiwiryso.dll                                                                                     54272 bytes executable

---- EOF - GMER 1.0.15 ----

That was the end of the log... sorry for all those posts, but it had to be done.

delphinium · June 22, 2009, 11:44pm

No problem with the logs Jaxdacool. Very nice job. You do indeed have an MSIVX rootkit infection. Quads will put together a script to enable it to be removed, when he is back online. In the meantime, you can prepare by downloading Avenger. DO NOT do anything with it. Very bad things can happen.

http://swandog46.geekstogo.com/avenger2/avenger2.html

jaxdacool1 · June 23, 2009, 2:02am

Thank you delphinium and Quads for working my case,

well about the avenger, there is something I failed to say earlier and that is that I while I was researching about MSIVXserv, when I came across the Norton community I read a couple of posts which were very similar and so I chose to download avenger for myself and I ran one of the older scripts which Quads had written for another user. I don't know if that made the case worse or better... but as I did that, the very next second avenger did run the script and asked me to reboot. As I did that, the computer had also erased some vital reg keys, but fortunately the Vista has an automatic startup helper which saved my behind that day by replacing all the missing drivers and reg keys... phew! And here I am using that very same computer again. Sorry that I didnt mention this earlier :mansad:

delphinium · June 23, 2009, 2:23am

That's all right Jaxdacool1:

The problem with rootkits is that they can change file names, save backups of themselves, and have many different variants of the same rootkit. That is why using someone else's script did not work properly. Avenger has to be very carefully told exactly what to take. We are bound to run into the occasional do-it-yourselfer once in a while. :smileywink:

It looks like no harm done, which is a good thing.

Quads should be along shortly. We run into time zone problems on this forum.

Could it be an infection?

Announcements