[Resolvido]Analisem meu log por favor!

[Orlando Júnior]

PC com sinais de vírus, gostaria que analisassem meu log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:13:56, on 18/12/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Júnior\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,NvTaskbarInit

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--

End of file - 5640 bytes

[killer ™]

Faça o download do Malwarebytes Anti-Malware

http://www.besttechie.net/mbam/mbam-setup.exe

• Faça a instalação dando um duplo clique em mbam-setup.exe.
• Marque Atualizar Malwarebytes Anti-Malware e Executar Malwarebytes Anti-Malware, e clique em Concluir.
• Marque Verificação Completa e depois clique em Verificar.
• Quando o scan terminar, clique em Ok e em Mostrar Resultados para ver o log.
• Se algo for detectado, veja se tudo está marcado e clique em Remover.
• O log é automaticamente gravado e pode ser consultado clicando em Logs do menu principal do programa.
• Copie e cole o conteúdo desse log na sua próxima resposta.

Poste também um novo Log do Hijackthis.

[Orlando Júnior]

Como solicitado acima, seguem os dois logs:

Malwarebytes' Anti-Malware 1.42

Versão do banco de dados: 3386

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18865

18/12/2009 17:40:17

mbam-log-2009-12-18 (17-40-17).txt

Tipo de Verificação: Completa (C:\|D:\|)

Objetos verificados: 242572

Tempo decorrido: 50 minute(s), 36 second(s)

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 1

Valores do Registro infectados: 0

Ítens do Registro infectados: 0

Pastas infectadas: 0

Arquivos infectados: 6

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

Chaves do Registro infectadas:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

Arquivos infectados:

C:\Program Files\NFSU 2\Keys\rld-nu2k.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\Júnior\AppData\Local\Temp\a.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Users\Júnior\AppData\Local\Temp\b.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Users\Júnior\AppData\Local\Temp\c.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Users\Júnior\AppData\Local\Temp\d.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Users\Júnior\AppData\Local\Temp\sshnas.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

--------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:41:31, on 18/12/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Users\Júnior\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,NvTaskbarInit

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--

End of file - 5796 bytes

[killer ™]

Configure seu windows para mostrar todos os arquivos ocultos

- Acesse o site http://www.virustotal.com e envie o(s) arquivo(s) abaixo para analize.

C:\Windows\system32\sshnas.dll

Informe atravez da URL( link ) o resultado.

Editado Dezembro 18, 2009 por killer ™

[Orlando Júnior]

Olá, o arquivo sshnas.dll foi removido, o avast me inofrmou sobre vírus e eu sem perceber que era um arquivo .dll pedi para apagá-lo.

Será que tem alguma maneira de fazê-lo voltar??? Ou ele não é tão essencial para o Windows??

Aguardo resposta!

[killer ™]

É um malware, eu so queria comprovar.

Poste um novo log do HJT

[Orlando Júnior]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:26:36, on 20/12/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\IELowutil.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Users\Júnior\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,NvTaskbarInit

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--

End of file - 5603 bytes

[killer ™]

Leia atentamente toda a instrução abaixo antes de executar o programa.

Faça download do Kaspersky Removal Tool e salve em seu desktop.

• Instale o programa normalmente, seguindo todas as instruções.
• Uma pasta chamada Virus Removal Tool será criada no desktop.
• Na tela do programa clique nas opções:
  • Meu computador
  • Hidden Startup objects
  • Disk boot sectors
  • System Memory
• Clique no botão Start Scan.
• Seja paciente, o scan é demorado!
• Conforme for scaneando provavelmente abrirá algumas janelas pequenas ao lado do relógio, não clique em nada.
• Também há uma possibilidade de abrir uma janela maior contendo as seguintes opções:
  • Desinfection (quando possível)
  • Delete
  • Skip
• Quando aparecer, marque primero a opção abaixo Apply to all objects e depois clique numa das opções acima.
• Após completar tudo, clique no botão Reports, na janela que abrir nas opções acima deixe:
  • Autoscan
  • Group by result
  • All Events
• Expanda Autoscan clicando no sinal ao lado de +
• Expanda Result: Detected.
• Clique com o botão direito do mouse e escolha Select all, e depois escolha Copy.
• Atenção, ao fazer isso parece que o PC travou, mas não, aguarde uns minutos para liberar a memória.
• Abra o Bloco de Notas e cole (ctrl + v)
• Dê um nome para o arquivo e salve numa pasta de sua preferência.
• Feche o resultado clicando no botão Exit.
• Ao fazer isso será questionado se quer desinstalar a ferramenta, clique em Sim.
• Reinicie o computador quando for pedido.
• Poste o conteúdo desse arquivo em sua próxima resposta.

OBSERVAÇÃO1: Atente para as janelas durante o scan elas possuem cores diferentes dependendo do risco. Portanto,

• verde: baixo risco
• amarelo: médio risco
• vermelho: alto risco

Antes de tomar qualquer medida verifique com cuidado o caminho/nome do arquivo para ver é de seu conhecimento, caso seja clique em Skip.

OBSERVAÇÃO2: Se no resultado final do scan apenas tiver Result: OK, não precisa gerar um relatório, apenas informe deste.

OBSERVAÇÃO3: Durante o scan pode ser que o Kaspersky acuse a seguinte pasta com vírus: c:\QooBox. Caso isto aconteça escolha a opção Skip, pois a mesma pertence ao ComboFix e será removida quando o mesmo for desinstalado.

[Orlando Júnior]

Olá boa tarde, segui o procedimento acima, mas não foi encontrado nada, result vazio.

[killer ™]

Faça o download e um scan com o SUPERAntiSpyware Gratuito para usuários domésticos

• Duplo clique em SUPERAntiSpyware.exe e utilize as configurações padrão para instalação.

• Um ícone será criado em sua área de trabalho. Duplo clique neste ícone para inicializar o programa.

• Se o programa perguntar se deseja atualizá-lo, clique "Yes". Do contrário, atualize as definições antes de realizar o scan, faça isso selecionando "Check for Updates". (Se você encontrar algum problema enquanto o programa está atualizando, faça o download manualmente e descompacte os arquivos contidos aqui.)

• Em"Configuration and Preferences", clique no botão Preferences.

• Clique na aba Scanning Control.

• EmScanner Options certifique-se de que as opções seguintes estão selecionadas (deixe todas as outras fora da seleção):
  • Close browsers before scanning.
  • Scan for tracking cookies.
  • Terminate memory threats before quarantining.
• Clique no botão"Close" para sair da tela do Control Center.

• De volta à tela principal, em "Scan for Harmful Software" clique em Scan your computer.

• Do lado esquerdo, certifique-se de selecionar C:\Fixed Drive.

• Do lado direito, em "Complete Scan", escolha Perform Complete Scan.

• Clique "Next" para iniciar o scan. Por favor seja paciente enquanto o scan é feito em seu computador.

• Depois que o scan terminar, uma caixa com o resumo do scan (Scan Summary) irá abrir-se com itens potencialmente perigosos detectados. Clique "OK".

• Certifique-se de que todos os itens encontrados estejam selecionado e clique em "Next".

• Uma notificação será aberta,"Quarantine and Removal is Complete". Clique "OK" em seguida clique no botão "Finish" para retornar ao menu principal.

• Se o programa pedir para reinciar o computador, clique "Yes".

• Para rever as informações sobre a remoção após reinciar a máquina, execute o SUPERAntispyware novamente.
  • Clique em Preferences, então clique na aba Statistics/Logs.
  • Em Scanner Logs, duplo clique em SUPERAntiSpyware Scan Log.
  • Se houver muitos logs, clique no log da data mais atual e selecione View log. Um arquivo de texto irá abrir em seu editor de textos padrão.
  • Por favor copie e cole o log que contém o resultado do scan na sua próxima resposta.
• Clique Close para sair do programa.

[Orlando Júnior]

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 12/26/2009 at 09:20 PM

Application Version : 4.32.1000

Core Rules Database Version : 4411

Trace Rules Database Version: 2243

Scan type : Complete Scan

Total Scan Time : 01:08:06

Memory items scanned : 559

Memory threats detected : 0

Registry items scanned : 8092

Registry threats detected : 0

File items scanned : 94026

File threats detected : 10

Adware.Tracking Cookie

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@bs.serving-sys[1].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@ad.adnetwork.com[1].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@sexuploader[1].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@serving-sys[2].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@questionmarket[2].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@doubleclick[2].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@atdmt[1].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@ads.ad4game[1].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@megaporn[2].txt

C:\Users\Júnior\AppData\Roaming\Microsoft\Windows\Cookies\júnior@msnportal.112.2o7[1].txt

[killer ™]

Faça o download do Gmer:

http://www.gmer.net/gmer.zip

Após o download, extraia o arquivo para uma pasta de fácil acesso, em seguida rode o programa.

No programa, clique em Scan, e espere até o final da varredura.

Ao final, clique em Copy, e em seguida abra o NOTEPAD Ou Bloco de Notas, e aperte CTRL + V, salve o arquivo com qualquer nome, em seguida poste-o na sua proxima mensagem

[Orlando Júnior]

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit scan 2009-12-27 18:46:43

Windows 6.0.6002 Service Pack 2

Running: gmer.exe; Driver: C:\Users\JNIOR~1\AppData\Local\Temp\ufryipod.sys

---- Kernel code sections - GMER 1.0.15 ----

.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8DE08340, 0x3FA057, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\services.exe[736] kernel32.dll!FreeLibrary 75E63DB4 5 Bytes JMP 1007AC50 C:\Program Files\GbPlugin\gbieh.dll (Gbieh Module/Banco do Brasil)

.text C:\Windows\system32\services.exe[736] kernel32.dll!FreeLibraryAndExitThread 75E64642 5 Bytes JMP 1007AAF0 C:\Program Files\GbPlugin\gbieh.dll (Gbieh Module/Banco do Brasil)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!CreateWindowExW 76EF1305 5 Bytes JMP 6F53D684 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!DialogBoxParamW 76F110B0 5 Bytes JMP 6F46541D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!DialogBoxIndirectParamW 76F12EF5 5 Bytes JMP 6F6343FF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!DialogBoxParamA 76F28152 5 Bytes JMP 6F63439C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!DialogBoxIndirectParamA 76F2847D 5 Bytes JMP 6F634462 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!MessageBoxIndirectA 76F3D4D9 5 Bytes JMP 6F634331 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!MessageBoxIndirectW 76F3D5D3 5 Bytes JMP 6F6342C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!MessageBoxExA 76F3D639 5 Bytes JMP 6F634264 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5040] USER32.dll!MessageBoxExW 76F3D65D 5 Bytes JMP 6F634202 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!CreateDialogParamW 76EE72A2 5 Bytes JMP 6F53DA10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!GetAsyncKeyState 76EE863C 5 Bytes JMP 6F4590DB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!SetWindowsHookExW 76EE87AD 5 Bytes JMP 6F5397FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!CallNextHookEx 76EE8E3B 5 Bytes JMP 6F52CE81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!UnhookWindowsHookEx 76EE98DB 5 Bytes JMP 6F4A4620 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!EnableWindow 76EECD8B 5 Bytes JMP 6F53D89D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!CreateWindowExW 76EF1305 5 Bytes JMP 6F53D684 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!GetKeyState 76EF8CB1 5 Bytes JMP 6F53CE4B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!IsDialogMessageW 76F00745 5 Bytes JMP 6F46592F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!CreateDialogParamA 76F017AA 5 Bytes JMP 6F635084 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!IsDialogMessage 76F01847 5 Bytes JMP 6F634920 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!CreateDialogIndirectParamA 76F026F1 5 Bytes JMP 6F6350BB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!CreateDialogIndirectParamW 76F09A62 5 Bytes JMP 6F6350F2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!SetKeyboardState 76F10987 5 Bytes JMP 6F634C8F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!DialogBoxParamW 76F110B0 5 Bytes JMP 6F46541D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!DialogBoxIndirectParamW 76F12EF5 5 Bytes JMP 6F6343FF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!SendInput 76F12F75 5 Bytes JMP 6F63584B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!EndDialog 76F1326E 5 Bytes JMP 6F467DD6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!SetCursorPos 76F26FB2 5 Bytes JMP 6F63589F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!DialogBoxParamA 76F28152 5 Bytes JMP 6F63439C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!DialogBoxIndirectParamA 76F2847D 5 Bytes JMP 6F634462 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!MessageBoxIndirectA 76F3D4D9 5 Bytes JMP 6F634331 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!MessageBoxIndirectW 76F3D5D3 5 Bytes JMP 6F6342C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!MessageBoxExA 76F3D639 5 Bytes JMP 6F634264 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!MessageBoxExW 76F3D65D 5 Bytes JMP 6F634202 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] USER32.dll!keybd_event 76F3D972 5 Bytes JMP 6F635BCF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] SHELL32.dll!SHRestricted + D95 760D8988 4 Bytes [4D, 30, 89, 70]

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] SHELL32.dll!SHRestricted + D9D 760D8990 8 Bytes [57, 2F, 89, 70, 9C, 5B, 88, ...]

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] ole32.dll!OleLoadFromStream 77581E12 5 Bytes JMP 6F634780 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[5204] ole32.dll!CoCreateInstance 775B9EA6 5 Bytes JMP 6F53D6E0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [70881AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7088007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [7087E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [70880994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [7087EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [7087A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70881D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [70883ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [70882999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [70883035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7087FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [7087E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7087DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7087FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7087D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7088FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [7089051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [7088EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [7088F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [7088EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [7088E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [7088ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7088007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7087FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [7087E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7087FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [7087E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [70881AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [7087EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [70883ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [70882CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [70882926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [70883035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [70882999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [7087BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [7088173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [7087BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [70880F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [708814E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [7087ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [7087BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [70881D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [7087C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [7088103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [7087EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [70880994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [70881614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [70880921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [7087FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [7087A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [7087A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [7087E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [7087E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [7087FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7087FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [70880C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [7087DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [7087D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [7087D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [7087EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7088007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [7087C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [7087E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [70883035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [70882999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [70881AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [7087BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [7087BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [7087E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [70882CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [70882926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [70883ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [708823A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [7087BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7087FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpW] [7087FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpA] [7087F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [7088ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [7088E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [7088EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [7088F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [7088E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [7088E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [7088EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [7089020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [7088F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [7088EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7088FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [7088F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [7089051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [7088FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [70890085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [70890395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [7088FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [7088F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [7087CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [70882999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [70880C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [7087D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [7087D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [7087DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [7087EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [70881D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [7087E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [7087CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7088007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [7087A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [70880994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [70883035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [70883ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [7087C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [7087BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [70881AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [7087CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [7087D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [70881614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [7088103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [7087EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [7087C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [7087BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [708809B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [7087C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7087FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [7087E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [7087C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7087FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [7087C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [7087F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [7087FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [7087F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCreateFromUrlW] [708865DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringByKeyW] [7088620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHCreateStreamOnFileW] [70887595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryKeyW] [708860AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!AssocQueryStringW] [7088615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyA] [708875E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathCombineW] [70886533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHOpenRegStream2W] [7088799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryW] [7088684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsURLW] [70886E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootA] [70886AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRootW] [70886B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripToRootW] [70887281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFindOnPathW] [70886716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathStripPathW] [708871ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRemoveArgsW] [70887021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetBoolUSValueW] [70887FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathSkipRootW] [70887159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryEmptyW] [708868E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsSystemFolderW] [70886BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsDirectoryA] [70886803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathRelativePathToW] [70886F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootA] [708863A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetPathW] [708880BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegSetPathW] [70888513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetUSValueW] [70888176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHQueryValueExW] [70887BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHRegGetValueW] [70888235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsNetworkPathW] [7088697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerShareW] [70886DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCServerW] [70886D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathUnExpandEnvStringsW] [7088731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathMakeSystemFolderW] [70886EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsUNCW] [70886C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathIsRelativeW] [70886AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHGetValueW] [708878EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathBuildRootW] [708863F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteValueW] [708876D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHSetValueW] [70888732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumKeyExW] [7088777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHEnumValueW] [70887831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!PathFileExistsW] [7088667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [sHLWAPI.dll!SHDeleteKeyW] [70887636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [7087BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [70883ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [70883035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7088007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [70881AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [7087A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [7087EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [7087C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [7087C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [7087E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7087FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [7087BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7087FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [70888235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [708881D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [708872CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [708875E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [708876D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [708865DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [7088788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [708886D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [708878EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [70888732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [70886533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[5204] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [708782F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dinâmico/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

[killer ™]

Baixe o ComboFix e salve no desktop.

Nota: Por favor, Não utilize o ComboFix por conta própria. O uso incorreto poderá danificar o seu computador. A ferramenta apenas deve ser utilizada sob supervisão de Analistas de remoção de malware.

• Feche todas as janelas e programas e desabilite seu programa antivirus e antispyware.
• Dê um duplo-clique no ComboFix.exe
• Será solicitada a instalação do Console de Recuperação, clique em Sim para iniciar o download, siga
• normalmente as instruções do programa.
• Ao final, clique em Sim para continuar a verificação.
• Quando solicitado tecle "1" em seguida Enter para prosseguir o Fix. Vai durar uma média de 10 minutos.
• O ComboFix poderá reiniciar o PC automaticamente para completar o processo de remoção.

Quando acabar, será gerado um log, que vai estar em C:\ComboFix.txt.

Atenção:

Não clique na Janela do ComboFix, nem o feche clicando no X, enquanto estiver rodando, pois senão irá parar e seu desktop ficará em branco.

Para parar ou sair do ComboFix, tecle "2" e Enter.

Depois gere um novo log com o HijackThis e poste, juntamente com o ComboFix.txt.

[Orlando Júnior]

[killer ™]

Configure seu windows para mostrar todos os arquivos ocultos

- Acesse o site http://www.virustotal.com e envie o(s) arquivo(s) abaixo para analize.

c:\windows\system32\ieUnatt.exe

Informe atravez da URL( link ) o resultado.

[Orlando Júnior]

http://www.virustotal.com/pt/analisis/1fe2...b24b-1261342838

[killer ™]

- Vá em Iniciar > Executar > digite Combofix /u e aguarde a remoção do mesmo.

- Versões antigas do Java, têm vulnerabilidades que alguns malwares podem usar para infectar seu sistema. Verifique se o seu sistema tem a última versão instalada:

Baixe > JavaRa

Dê um duplo-clique no JavaRa.exe. Depois clique em Search For Updates. Selecione a opção Update Using jucheck.exe. Clique então no botão Search.

Se estiver atualizado, receberá um aviso de que tem a última versão. Caso contrário, aguarde a nova versão do Java ser baixada e instalada. Depois clique no botão Remove Older Versions para que as versões antigas que existirem no PC sejam desinstaladas.

- Recomendo uma manutenção no computador para exclusão dos arquivos temporários, desnecessários e entradas inválidas no registro. Faça o download do CCleaner:

• Clique em Salvar e quando terminado o download, faça a instalação;
• Abra o programa e clique em Executar Limpeza;
• Após isto, clique em Registro > Procurar erros > Corrigir erros selecionados

- Clique em Iniciar -> Configurações -> Painel de Controle -> Abra o item Sistema.

Clique na guia Restauração do Sistema -> Marque Desativar restauração do sistemas em todas as unidades -> Em seguida clique em Aplicar. Após aplicado, desmarque a caixa Desativar restauração do sistemas em todas as unidades e clique novamente em Aplicar depois Ok.

[Orlando Júnior]

Caro Killer, eu não sei o motivo, mas o comando de remover o combofix não está fazendo o que deveria.

Quando executo o comando combofix /u ele simplesmente executa o combofix fazendo uma varredura no sistema.

Por isso ainda não baixei o Javara, aguardo uma instrução de como proceder...

[killer ™]

Copie e cole o codigo abaixo no executar [ Iniciar > Executar ]

Combofix /uninstall

Clique em Ok e veja se funciona.

[Orlando Júnior]

OK, tudo pronto, Combofix desinstalado, JavaRa executado e os procedimentos do CCleaner também executados...

[MLeandroJr!]

Caso Resolvido.

Caso o autor queira a reabertura do tópico, envie uma MP com o link para um moderador da seção.